drizzle-orm
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends standard, well-known Node.js packages ('drizzle-orm', 'drizzle-kit') and the author's testing utility ('drizzle-orm-test'). These are legitimate development dependencies for the stated purpose of database schema management.
- [COMMAND_EXECUTION]: Standard installation commands ('pnpm add') are included for user guidance, which is expected for a developer-oriented skill.
- [CREDENTIALS_UNSAFE]: The database client setup example correctly utilizes 'process.env.DATABASE_URL' for the connection string, adhering to security best practices by avoiding hardcoded credentials.
- [DATA_EXFILTRATION]: No unauthorized network operations or sensitive data access patterns were identified. All database operations are localized to the user's configured environment.
Audit Metadata