databricks-lakebase-provisioned
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues were detected. The skill contains documentation and code examples for interacting with Databricks-managed PostgreSQL infrastructure.
- [SAFE]: Authentication is handled securely using the Databricks Python SDK to generate short-lived OAuth tokens at runtime, avoiding the use of hardcoded passwords or long-lived secrets.
- [SAFE]: The database connection string identified by static analysis in
connection-patterns.mdis a documentation example for an environment variable template (postgresql://user:password@host:5432/database) and does not contain actual credentials. - [SAFE]: External dependencies are limited to well-known, official packages from the Python Package Index (PyPI), such as
databricks-sdk,psycopg, andsqlalchemy. - [SAFE]: The use of
subprocess.runin theresolve_hostnamefunction withinconnection-patterns.mdis a documented workaround for specific DNS resolution issues on macOS. It follows security best practices by passing arguments as a list to the standarddigutility rather than using a shell string.
Audit Metadata