pgvector-embeddings
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill documentation includes setup instructions for the Ollama CLI. However, the TypeScript source code does not invoke shell commands, spawn subprocesses, or perform any unauthorized system-level operations.
- [EXTERNAL_DOWNLOADS]: The implementation uses the
cross-fetchlibrary to communicate with an Ollama service for generating embeddings. This is a functional requirement of the skill and defaults to a local endpoint (localhost:11434), posing no security risk. - [DATA_EXFILTRATION]: Document content and metadata are sent to the configured Ollama API to generate vector embeddings. This is the intended behavior of the ingestion pipeline and does not involve transferring sensitive data to unauthorized third-party domains.
- [COMMAND_EXECUTION]: All database interactions, including document insertion and embedding updates, are performed using parameterized SQL queries. This implementation effectively mitigates SQL injection vulnerabilities when handling user-provided document text or titles.
Audit Metadata