design-export-db

Warn

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: MEDIUM (DATA_EXFILTRATION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION, COMMAND_EXECUTION)
Full Analysis
  • [DATA_EXFILTRATION]: The skill attempts to access sensitive local configuration files to obtain database connection strings and credentials.
      • Evidence: It specifically targets file paths known for storing secrets, including .env, application.yml, application.properties, settings.py, config/database.js, and config/database.php.
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user or agent to download and execute an external package for database connectivity.
      • Evidence: It recommends running npx -y @anthropic-ai/create-mcp to install the MySQL MCP service. This is a trusted source, but involves downloading external code at runtime.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests untrusted data from project files and database outputs.
      • Ingestion points: Configuration files (e.g., .env) and SQL command results from the database (e.g., SHOW CREATE TABLE).
      • Boundary markers: None present to distinguish between instructions and data.
      • Capability inventory: Capability to write files to the /projectdocs/design/ directory and execute SQL commands via the MCP service.
      • Sanitization: No sanitization or validation of the ingested content is performed before it is formatted into the output SQL file.
  • [COMMAND_EXECUTION]: The skill directs the execution of shell utilities and database-specific commands.
      • Evidence: It suggests using mysqldump and requires the execution of SHOW TABLES and SHOW CREATE TABLE via the MCP interface.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 28, 2026, 08:16 AM