database
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a high-quality technical reference for database management, covering PostgreSQL, MySQL, NoSQL, and various ORMs. It emphasizes security best practices, such as preventing SQL injection through parameterized queries and implementing Row Level Security (RLS) for multi-tenant isolation.
- [PROMPT_INJECTION]: Analysis of the skill instructions and metadata found no attempts to override agent behavior, bypass safety filters, or extract system prompts.
- [CREDENTIALS_UNSAFE]: While the skill contains configuration examples for tools like PgBouncer and Prometheus (e.g., in references/connection-pooling-operations.md and references/monitoring-observability.md), it uses standard placeholders like 'password' or 'secret'. No real hardcoded credentials or sensitive keys were discovered.
- [EXTERNAL_DOWNLOADS]: The documentation references official tools and well-known services (e.g., Prisma, Alembic, Flyway, and Prometheus exporters). These are standard industry tools for database migrations and monitoring, and the skill does not include any suspicious 'curl | bash' patterns or unverifiable remote script executions.
- [COMMAND_EXECUTION]: The skill provides standard CLI command examples for database maintenance and migration. No malicious command injection or privilege escalation attempts were detected.
- [DATA_EXFILTRATION]: No patterns of sensitive data access (such as reading SSH keys or AWS credentials) or unauthorized network exfiltration were found.
Audit Metadata