tidbx-prisma

The skill's footprint is coherent with its stated purpose: it documents Prisma-based interactions with TiDB, TLS configuration, migrations, and safe raw SQL usage, using standard, verifiable sources (npm registries) and non-excessive permissions. No red flags indicate credential harvesting, supply-chain compromise, or autonomous real-world actions. Overall, the risk posture is benign to medium (due to handling of database credentials in code/config), with no evident data exfiltration or insecure practices beyond the normal sensitivity of DB connection strings. Recommend usage with standard secret-management practices (do not hard-code DATABASE_URLs in code) and review of TLS configuration per TiDB Cloud guidance.