atlas-best-practices
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: Provides standard CLI command patterns for the Atlas tool, including schema application, migration diffing, and linting.
- [COMMAND_EXECUTION]: Demonstrates the use of the
external_schemadata source to execute local programs (e.g., Go-based ORM providers) for loading database models. - [EXTERNAL_DOWNLOADS]: References official vendor resources for CI/CD integration, such as the
ariga/setup-atlasGitHub Action. - [EXTERNAL_DOWNLOADS]: Includes patterns for using the Atlas Registry (
atlas://) to manage and deploy migration files. - [DATA_EXFILTRATION]: Documents the schema exporter feature which allows sending schema definitions to an external webhook. The provided example uses a placeholder domain (
api.example.com) and represents a standard administrative feature of the tool. - [CREDENTIALS_UNSAFE]: Correctly demonstrates the use of input variables (
var.app_password) and environment variables (getenv("DB_URL")) to handle sensitive credentials, avoiding hardcoded secrets.
Audit Metadata