Trust Assessment
chdb-sql received a trust score of 63/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 3 findings: 0 critical, 2 high, 1 medium, and 0 low severity. Key findings include Hardcoded Credentials in Example, Hardcoded Credentials in Example (Session API), Unpinned Dependency in Installation Instructions.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The Static Code Analysis layer scored lowest at 63/100, indicating areas for improvement.
Last analyzed on May 1, 2026 (commit d2841614). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings3
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Hardcoded Credentials in Example The skill's documentation (SKILL.md) includes examples with hardcoded database credentials (username 'root', password 'pass') for MySQL connections. While these are presented as examples, an AI agent might mistakenly use these specific credentials in a real-world scenario or expose them if prompted, leading to unauthorized access or information leakage. Replace hardcoded credentials in examples with placeholders (e.g., `'{username}'`, `'{password}'`) or environment variable references to prevent accidental exposure or misuse. Add a note explicitly stating that these are example credentials and should not be used in production. | Static | SKILL.md:26 | |
| HIGH | Hardcoded Credentials in Example (Session API) The skill's documentation (SKILL.md) includes an example for the Session API that uses hardcoded database credentials (username 'root', password 'pass') for a MySQL connection. This poses the same risk as the `chdb.query()` example, potentially leading to unauthorized access or information leakage if an AI agent misinterprets or misuses the example. Replace hardcoded credentials in examples with placeholders (e.g., `'{username}'`, `'{password}'`) or environment variable references to prevent accidental exposure or misuse. Add a note explicitly stating that these are example credentials and should not be used in production. | Static | SKILL.md:43 | |
| MEDIUM | Unpinned Dependency in Installation Instructions The installation instructions in the `SKILL.md` and the manifest specify `pip install chdb` without pinning a specific version. This can lead to supply chain risks, as installing the latest version might introduce breaking changes, vulnerabilities, or even malicious code if the package maintainer's account is compromised or a typosquatting attack occurs in the future. While `chdb` is a legitimate project, unpinned dependencies are a general security best practice violation. Pin the dependency to a specific, known-good version (e.g., `pip install chdb==4.1`) or use a version range (e.g., `chdb>=4.0,<5.0`) to mitigate risks associated with unexpected updates or malicious package versions. Update the manifest's compatibility section accordingly. | Static | SKILL.md:10 |
Scan History
Embed Code
[](https://skillshield.io/report/fc5ddd55dbd25469)
Powered by SkillShield