postgres-semantic-search
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFE, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [SAFE]: No malicious code or prompt injection attempts were detected. The skill provides legitimate templates and utilities for implementing search features in PostgreSQL.
- [COMMAND_EXECUTION]: SQL functions within the skill follow security best practices by using parameterized queries and the %I identifier specifier in dynamic SQL (EXECUTE FORMAT) to prevent SQL injection.
- [EXTERNAL_DOWNLOADS]: The skill utilizes standard, well-known libraries such as openai, @supabase/supabase-js, and drizzle-orm. It also fetches documentation from the official ParadeDB domain (docs.paradedb.com) to provide current API context.
- [DATA_EXPOSURE]: Secret management follows best practices by relying on environment variables for API keys rather than hardcoding credentials.
Audit Metadata