mysql
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): No malicious override or bypass instructions were found in the skill metadata or documentation. The instructions focus on legitimate database exploration and querying.
- Data Exposure & Exfiltration (SAFE): The skill uses a local JSON file for database credentials and provides explicit security guidance to use 'chmod 600' for protection. The example configuration uses non-sensitive placeholders like 'your-password-here' and 'dev-password'.
- Unverifiable Dependencies (SAFE): The skill depends on 'mysql-connector-python', a standard and well-known library for MySQL connectivity in Python. No suspicious external scripts or unknown packages are requested.
- Indirect Prompt Injection (LOW): As a database query tool, the skill naturally processes external data, which constitutes a theoretical surface for indirect injection. However, the skill implements significant mitigations.
  - Ingestion points: SQL query results processed by 'scripts/query.py'.
  - Boundary markers: None explicitly defined in the provided documentation for data processing.
  - Capability inventory: Executes network-based SQL queries against configured hosts via 'mysql-connector-python'.
  - Sanitization: Employs mandatory read-only sessions ('SET SESSION TRANSACTION READ ONLY') and validates queries to allow only SELECT, SHOW, DESCRIBE, EXPLAIN, and WITH statements.
- Dynamic Execution (SAFE): While SQL execution is dynamic, the skill restricts commands to read-only operations and limits result sets to prevent resource exhaustion.
Audit Metadata