tidbx
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFEREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONCREDENTIALS_UNSAFEPROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill provides instructions to install the TiDB Cloud CLI by downloading a script from the official GitHub repository and piping it to the shell. This is the documented installation method for the vendor tool.
- [COMMAND_EXECUTION]: Authentication workflows suggest using the
--insecure-storageflag with theticloud auth logincommand, which allows the CLI to manage session tokens locally. - [CREDENTIALS_UNSAFE]: Reference command patterns for SQL user management include the
--passwordflag, which involves passing secrets as plain-text command-line arguments. This is a common pattern in CLI documentation. - [PROMPT_INJECTION]: The skill ingests JSON data from the CLI to render ASCII tables, creating a potential surface for indirect instructions if resource metadata is maliciously crafted.
- Ingestion points: Output from
ticloud serverless listandticloud project list(SKILL.md). - Boundary markers: No explicit delimiters are used to separate ingested data from the prompt context.
- Capability inventory: Creation and deletion of cloud clusters and branches via CLI commands (references/ticloud.md).
- Sanitization: Data is parsed and formatted into tables without explicit validation or escaping of the string content.
Audit Metadata