mysql-best-practices
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION, CREDENTIALS_UNSAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill documents various shell commands (e.g., `grep`, `mysql`, `mysqldump`, `curl`) for manual developer workflows related to database migrations and testing in file `SKILL.md`.
- [PROMPT_INJECTION]: The `Required Plugins` section in `SKILL.md` contains directives to use a 'Superpowers plugin' and prioritize its methods. Additionally, the skill processes user-provided database requirements as part of its core functionality.
  - Ingestion points: User-provided schema requirements and query optimization requests (file: `SKILL.md`).
  - Boundary markers: None.
  - Capability inventory: Use of shell-based database utilities as described in `SKILL.md`.
  - Sanitization: Risk is mitigated by the skill's explicit requirement for parameterized queries and tenant-based filtering.
- [CREDENTIALS_UNSAFE]: Example configurations in `SKILL.md` for development environments suggest using a `root` user with no password, representing an insecure default practice.
- [SAFE]: The skill focuses on legitimate technical education and does not contain obfuscated code, unauthorized data access, or remote code execution patterns.
Audit Metadata