postgresql
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE CREDENTIALS_UNSAFE COMMAND_EXECUTION
Full Analysis
- [CREDENTIALS_UNSAFE] (LOW): The setup and replication scripts use 'secret' as a placeholder password. While these are common examples, they could lead to insecure deployments if not changed by the user.
- [COMMAND_EXECUTION] (SAFE): Includes administrative commands like apt install and sudo -u postgres. These are standard and necessary for the stated DevOps context.
- [INDIRECT_PROMPT_INJECTION] (LOW): A vulnerability surface exists because the skill processes untrusted database content and has high-privilege execution capabilities. Evidence:
  1. Ingestion points: SQL query results and logs (implied)
  2. Boundary markers: None present to delimit data from instructions
  3. Capability inventory: apt, psql, pg_dump, shell access
  4. Sanitization: No evidence of output sanitization