database-architect
Audited by Gen Agent Trust Hub on Feb 13, 2026
The SKILL.md file was thoroughly analyzed following the established protocol. The content consists of detailed guidelines, best practices, and code examples for database schema design using Drizzle ORM and PostgreSQL. The analysis focused on detecting prompt injection, data exfiltration, obfuscation, unverifiable dependencies, privilege escalation, persistence mechanisms, metadata poisoning, indirect prompt injection, and time-delayed/conditional attacks.
No patterns indicative of prompt injection were found. The use of terms like 'ALWAYS', 'MANDATORY', and 'CRITICAL' are within the context of database design principles and do not attempt to override the AI's core instructions or safety guidelines.
There are no instructions for the AI agent to perform network operations (like curl, wget) or access sensitive file paths, thus no data exfiltration risk was identified. The code snippets provided are Drizzle ORM schema definitions and TypeScript code, intended as examples for the AI's output, not as commands for the AI to execute.
No obfuscation techniques (Base64, zero-width characters, homoglyphs, URL/hex/HTML encoding) were detected. The content is presented in clear Markdown and TypeScript syntax.
The skill does not instruct the agent to install any external packages or download scripts from unverified sources. It explicitly advises against using certain external UUID libraries, promoting the use of Bun.randomUUIDv7() for application code generation, which is a security-conscious recommendation rather than a vulnerability.
No commands related to privilege escalation (e.g., sudo, chmod 777) or persistence mechanisms (e.g., modifying .bashrc, crontab) were found.
The metadata fields (name, description) are benign and accurately describe the skill's purpose.
While any AI agent processing user input carries an inherent, general risk of indirect prompt injection, this skill's instructions do not introduce or exacerbate this risk through specific vulnerabilities. It's a general consideration for AI interaction, not a flaw in this particular skill's design.
No time-delayed or conditional malicious logic was identified.
In conclusion, the skill is a purely descriptive and instructional knowledge base for the AI agent, providing expert guidance on database architecture. It does not contain any executable components or malicious instructions for the agent to perform.