MySQL Database CLI Skill

Security checks across malware telemetry and agentic risk

Overview

This is a legitimate MySQL helper skill, but it needs Review because it gives an agent broad database write, delete, export, and credential-handling guidance without enough safety controls.

Install only if you intend to let an agent operate MySQL databases. Use least-privileged credentials, prefer read-only accounts by default, avoid production write access unless strictly needed, and require the agent to show exact SQL and get explicit approval before any INSERT, UPDATE, DELETE, DDL, LOAD DATA, script execution, export, or COMMIT operation.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (4)

Intent-Code Divergence

Medium

Confidence: 95% confidence
Finding: The skill inconsistently advises against exposing passwords on the command line while also showing examples with inline plaintext credentials such as MYSQL_PWD=password and password fields in config examples. This is dangerous because secrets can be exposed through shell history, environment inspection, logs, screenshots, or insecure file storage, especially in shared or production environments.

Missing User Warnings

High

Confidence: 97% confidence
Finding: The skill provides ready-to-run INSERT, UPDATE, and DELETE commands without any explicit warning, confirmation step, or recommendation to verify the target environment first. In an agent context, this materially increases the risk of accidental destructive changes to production data, integrity loss, and irreversible outages.

Missing User Warnings

Medium

Confidence: 86% confidence
Finding: The documented SELECT ... INTO OUTFILE example writes database contents to a local filesystem path without warning about local data exfiltration, sensitive file creation, or path/permission implications. In an agent workflow, this can silently create copies of sensitive data on disk and expand the exposure surface beyond the database.

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The skill recommends MYSQL_PWD and plaintext configuration passwords in a way that normalizes insecure credential handling without sufficiently emphasizing their risks. This can lead users to store reusable database secrets in environment variables or files that may be readable by other processes, users, backups, or logs.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal