postgres
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes shell commands using
psql. It relies on theDATABASE_URLenvironment variable for connection settings and runs queries provided in the skill body or by the agent. - [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface (Category 8) by ingesting untrusted data from the database.
- Ingestion points: Query results returned by the
psqlutility in the shell. - Boundary markers: There are no boundary markers or instructions to isolate data from potential embedded instructions.
- Capability inventory: The agent can execute
psqlcommands to read and modify the database. - Sanitization: No sanitization or escaping is performed on the data fetched from the database, which could allow malicious content to be interpreted as instructions.
Audit Metadata