python-pymysql
Warn
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: MEDIUMDATA_EXFILTRATIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSCREDENTIALS_UNSAFEPROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: Access to sensitive configuration files and cryptographic keys. The documentation in 'SKILL.md' and 'references/connection-patterns.md' recommends reading database credentials from system configuration files such as '~/.my.cnf' and '/etc/mysql/app.cnf'. Additionally, 'references/connection-patterns.md' provides examples for accessing sensitive SSL paths including '/etc/ssl/private/client-key.pem'. These paths are sensitive as they store plain-text credentials or private keys.
- [COMMAND_EXECUTION]: Inclusion of system commands. 'SKILL.md' and 'references/connection-patterns.md' contain shell commands for package management, specifically 'pip install PyMySQL' and 'pip install dbutils'.
- [EXTERNAL_DOWNLOADS]: Dependencies on third-party libraries. The skill requires installing packages such as 'PyMySQL', 'dbutils', and 'SQLAlchemy' from the Python Package Index (PyPI).
- [CREDENTIALS_UNSAFE]: Use of placeholder credentials. Code snippets in 'SKILL.md' and 'references/connection-patterns.md' include example passwords like 'secret' and 'prod_secret' for demonstration purposes.
- [PROMPT_INJECTION]: Potential surface for indirect prompt injection through database interactions.
- Ingestion points: SQL query parameters entering the application context in 'SKILL.md' and 'references/cursor-guide.md'.
- Boundary markers: The skill explicitly warns against string formatting and promotes parameterized queries as the primary defense against SQL injection.
- Capability inventory: The documentation demonstrates full database access, including data manipulation (SELECT, INSERT, UPDATE, DELETE) and administrative tasks like 'TRUNCATE' (SKILL.md, references/cursor-guide.md).
- Sanitization: Relies on the database driver's built-in parameter escaping when following the documented best practices.
Audit Metadata