agent-memory-systems-postgres

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGH
COMMAND_EXECUTION, CREDENTIALS_UNSAFE, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION
Full Analysis
  • [Privilege Escalation] (HIGH): The script scripts/setup-pgvector.ps1 contains an Assert-Admin function and requires elevated permissions to write to the PostgreSQL installation directory and execute nmake for building the pgvector extension.
  • [Credential Safety] (HIGH): scripts/setup-pgpass.ps1 and scripts/setup-pgpass.sh prompt for a database password and store it in a local file (pgpass.conf or .pgpass). This results in plaintext credentials stored on the filesystem.
  • [Unverifiable Dependencies] (HIGH): scripts/setup-pgvector.ps1 clones the pgvector repository from GitHub (https://github.com/pgvector/pgvector.git) and builds it using nmake. Automated compilation and installation of native code from external repositories is a high-risk operation.
  • [Command Execution] (MEDIUM): The plugin and scripts utilize shell execution ($, psql, curl) to manage database state and communicate with local services like Ollama.
  • [Indirect Prompt Injection] (LOW): The skill processes and stores conversation transcripts. This creates an attack surface for indirect prompt injection if the agent later retrieves memories containing malicious instructions.
  • [Data Exposure] (LOW): The system logs session transcripts and metadata to local files (.claude/compaction-events.jsonl) and a database.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 17, 2026, 06:37 PM