TiDB Cloud

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed TiDB Cloud integration for the oo CLI; it handles sensitive cloud account access, but the package is coherent and no hidden or destructive behavior was found.

Install only if you intend to let an agent use your OOMOL-connected TiDB Cloud account to inspect organization and cluster information. Review the requested TiDB Cloud scopes, be careful with API-key and audit-log visibility, and confirm the live schema before running actions, especially get_import because its documentation has a confusing write-action warning.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Intent-Code Divergence

Medium
Confidence: 96%
Finding
The documentation is internally inconsistent: it describes `get_import` as a fetch/read operation, but later labels it as a write action that changes TiDB Cloud state. In an agent skill, this ambiguity is dangerous because it can cause an operator or automated system to invoke the action under the false assumption that it is read-only, potentially triggering unintended state changes in a production database environment.

VirusTotal

64/64 vendors flagged this skill as clean.
