relational-database-web-cloudbase
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill uses canonical initialization and query patterns for the CloudBase Relational Database SDK that are consistent with official vendor documentation.
- [EXTERNAL_DOWNLOADS]: The skill specifies the installation of '@cloudbase/js-sdk' via npm. This package is an official resource from the vendor (TencentCloudBase) and is used for its intended purpose.
- [PROMPT_INJECTION]: The skill defines a surface for indirect prompt injection by enabling the application to ingest and display untrusted data from a database. 1. Ingestion points: Data is retrieved from the database in the 'hooks/usePosts.js' component. 2. Boundary markers: There are no specific delimiters or instructions used to wrap or sanitize the database output in the provided code snippets. 3. Capability inventory: The skill utilizes the database SDK to perform network-based operations (CRUD) on the database. 4. Sanitization: The provided patterns do not include explicit data validation or escaping for the fetched database content.
Audit Metadata