mssql
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements a security-first approach to database querying by using a client-side whitelist (is_read_only) that permits only non-destructive operations like SELECT and SP_HELP.
- [CREDENTIALS_UNSAFE]: Database credentials are managed via a local JSON configuration file. The script performs an automated check for secure file permissions (0600) on Unix-like systems to prevent unauthorized access to sensitive database secrets.
- [DATA_EXPOSURE]: The tool manages data volume and connection stability by enforcing a 30-second query timeout and a 10,000-row limit, protecting the local environment from resource exhaustion.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface when processing untrusted data from database records. Evidence: (1) Ingestion point: database query results in scripts/query.py. (2) Boundary markers: No delimiters are used to wrap database content. (3) Capability inventory: The skill can execute SQL queries. (4) Sanitization: The tool truncates results for display purposes but does not sanitize or filter the content for malicious agent instructions.
Audit Metadata