tidbx-serverless-driver
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- General Security (SAFE): The skill consists entirely of documentation and Markdown reference files. No executable scripts (.sh, .js, .py) are provided, meaning there is no direct execution risk for the AI agent.\n- Credential Handling (SAFE): All provided code examples use best practices for security, such as environment variables (e.g., process.env.DATABASE_URL) and clear placeholders like [username] and [password] instead of hardcoded credentials.\n- Dependency Management (SAFE): The skill recommends the @tidbcloud/serverless package. While not on the specific trusted source list, it is the official driver for a known cloud service and is suggested for manual user installation rather than being executed automatically by the skill.\n- Indirect Prompt Injection (SAFE): There are no surfaces for untrusted data ingestion that would influence the agent's behavior; the skill is strictly for developer guidance.
Audit Metadata