postgres
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No instructions attempting to bypass safety filters or override agent behavior were detected. The language is purely instructional and technical.
- [Data Exposure & Exfiltration] (SAFE): The code uses dummy credentials ('password': 'secret') for demonstration purposes on 'localhost'. No actual sensitive data exfiltration or unauthorized file access patterns were found. It does not access sensitive system paths.
- [Indirect Prompt Injection] (LOW): The skill defines a surface for processing untrusted data from database rows.
- Ingestion points: Data enters the context via 'client.query' and 'row.decode' in 'SKILL.md'.
- Boundary markers: The skill explicitly utilizes 'PostgresQuery' string interpolation, which treats interpolated values as parameter bindings rather than executable SQL.
- Capability inventory: Limited to database network operations and row processing; no arbitrary subprocess or file-write capabilities were identified.
- Sanitization: Handled natively by the 'postgres-nio' library through prepared statement bindings.
- [External Downloads] (SAFE): The skill references the 'vapor/postgres-nio' repository. While not on the explicit list of corporate-trusted sources, Vapor is a major, reputable organization in the Swift ecosystem, and the reference is a standard package dependency rather than a piped execution script.
Audit Metadata