cnpg-database
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides documentation and YAML templates for Kubernetes resources (Clusters, Databases, Poolers, Secrets, and NetworkPolicies) used for database lifecycle management.
- [SAFE]: Credential management uses automated patterns, specifically `secret-generator` for randomized password creation and `kubernetes-replicator` for controlled cross-namespace secret distribution, avoiding hardcoded secrets.
- [SAFE]: External resources such as container images are pulled from established and well-known registries, including the official CloudNative-PG organization and TensorChord on the GitHub Container Registry (GHCR).
- [SAFE]: The skill promotes security best practices by recommending restricted namespaces for superuser credentials, enforcing Pod Security Standards, and using Network Policies to implement the principle of least privilege for database connectivity.
Audit Metadata