skills/tencentcloudbase/awesome-cloudbase-examples/cloudbase-document-database-in-wechat-miniprogram/Gen Agent Trust Hub
cloudbase-document-database-in-wechat-miniprogram
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGHPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (HIGH): The skill exposes the agent to untrusted data received from database queries while the agent has the power to modify the environment.
- Ingestion points: Data retrieval methods such as
get(),aggragate(), and pagination functions documented in aggragation.md, complex-queries.md, and pagination.md. - Boundary markers: The skill lacks del i m i t e r s or safety instructions to pre v e n t the agent from ob e y i n g instructions embedded within database records.
- Capability inventory: The skill enables full database CRUD op e r a t i o n s and explicitly di r e c t s the use of the
wr i t e S e c u r i t y R u l eMCP too l for privilege configuration. - Sa n i t i z a t i o n: There is no evidence of input validation or sa n i t i z a t i o n to fi l t e r ma l i c i o u s content from the database be f o r e it influences agent reasoning.
Recommendations
- AI detected serious security threats
Audit Metadata