drizzle-orm-d1
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The companion agent `drizzle-migrate` utilizes the `Bash` tool to automate development tasks. It executes commands such as `npx drizzle-kit generate`, `npx drizzle-kit push`, and `npx wrangler d1 migrations apply`. While these are standard for database management, they represent a significant capability tier that performs actions on remote production databases.
- [PROMPT_INJECTION]: The skill possesses an Indirect Prompt Injection surface because it processes files that may be influenced by external sources or untrusted data during the development lifecycle.
  - Ingestion points: The `drizzle-migrate` agent reads project configuration files (`drizzle.config.ts`) and database schema files (e.g., `src/db/schema.ts`) to determine migration steps.
  - Boundary markers: No specific delimiters or safety instructions are used to separate untrusted schema code from the agent's instruction context.
  - Capability inventory: The agent has full access to `Bash` for command execution and `Read` for file access, which it uses to apply database changes.
  - Sanitization: The skill does not validate or sanitize the contents of schema or migration files before the agent acts upon them.
Audit Metadata