tidbx-nextjs
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect prompt injection surface detected. The skill generates Next.js Route Handlers that process untrusted external data which could potentially contain malicious instructions intended for the agent if it later processes the database output.
- Ingestion points: Data enters the system via Next.js Route Handlers (
app/api/*/route.ts) in the generated templates. - Boundary markers: No explicit delimiters or instructions are provided in the code templates to distinguish between data and commands for downstream LLM processing.
- Capability inventory: The skill enables database read and write capabilities using the
mysql2driver andPrismaORM. - Sanitization: The Prisma template (
route-handler-prisma.ts) utilizes tagged template literals with$queryRaw, which automatically parameterizes inputs and protects against standard SQL injection. - [SAFE]: The skill manages sensitive information safely. Database credentials (
TIDB_PASSWORD) and SSL certificate paths (TIDB_CA_PATH) are retrieved from environment variables rather than being hardcoded. - [SAFE]: Dependencies and remote tools mentioned in the guides (
mysql2,prisma,create-next-app) are well-known, industry-standard packages from the official NPM registry.
Audit Metadata