Skills
skills/microsoft/agent-skills/azure-postgres-ts/Gen Agent Trust Hub

azure-postgres-ts

Pass

Audited by Gen Agent Trust Hub on Feb 13, 2026

Risk Level: LOWEXTERNAL_DOWNLOADSNO_CODE
Full Analysis

================================================================================

✅ VERDICT: SAFE

This skill is a documentation-only skill providing code examples and best practices for connecting to Azure PostgreSQL. It does not contain any directly executable malicious code. It explicitly guides users towards secure practices such as using environment variables for sensitive data, parameterized queries to prevent SQL injection, and mandatory SSL for Azure connections. The dependencies mentioned (pg, @azure/identity) are well-known, trusted packages from reputable sources (npm, Microsoft).

Total Findings: 1

🔵 LOW Findings: • Unverifiable Dependencies

  • Line 14: npm install pg @azure/identity

ℹ️ TRUSTED SOURCE References: • https://www.npmjs.com/package/pg

  • Line 239: Reference to npm package 'pg'. • https://github.com/brianc/node-postgres
  • Line 240: Reference to GitHub repository 'brianc/node-postgres'. • https://learn.microsoft.com/azure/postgresql/flexible-server/
  • Line 241: Reference to Azure PostgreSQL documentation. • https://learn.microsoft.com/azure/postgresql/flexible-server/how-to-connect-with-managed-identity
  • Line 242: Reference to Azure documentation for passwordless connection. • https://ossrdbms-aad.database.windows.net/.default
  • Line 70: Entra ID token scope, a trusted Microsoft domain.

================================================================================

Audit Metadata
Risk Level
LOW
Analyzed
Feb 13, 2026, 10:26 AM