setup-rls
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): The skill is purely informational and instructional. It guides the AI agent on how to help users configure database security policies.
- [PROMPT_INJECTION] (SAFE): No evidence of prompt injection, role-play bypasses, or instructions to ignore safety filters were found in the markdown or YAML frontmatter.
- [DATA_EXFILTRATION] (SAFE): There are no hardcoded credentials, sensitive file paths, or network-bound commands. The SQL examples use standard Supabase authentication functions (auth.uid(), auth.jwt()).
- [REMOTE_CODE_EXECUTION] (SAFE): The skill does not include any commands for downloading or executing remote scripts. No package managers (npm, pip) or shell pipes are used.
- [INDIRECT_PROMPT_INJECTION] (LOW): As a skill that processes user requests regarding security and permissions, it inherently has a surface for indirect prompt injection if a user provides malicious input. However, the skill does not grant elevated system privileges and its capabilities are limited to local file editing tools.
Audit Metadata