postgres
Pass
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (LOW): The skill references several markdown documents via 'raw.githubusercontent.com/planetscale/'. Although the author is a reputable database provider, the organization is not on the developer-provided list of trusted entities, necessitating a standard security review.
- COMMAND_EXECUTION (LOW): The skill includes powerful commands for database management, such as 'pscale branch delete', 'DROP TABLE', and 'ALTER TABLE'. While these are functionally necessary for the skill's purpose, they are high-privilege operations. The risk is mitigated by explicit instructions requiring human verification before execution.
- PROMPT_INJECTION (LOW): The skill exhibits an Indirect Prompt Injection surface (Category 8) due to its interaction with external database data and API responses.
  - Ingestion points: Data enters the agent context through 'pscale api' query reports, schema lookups, and the PlanetScale MCP server.
  - Boundary markers: There are no explicit technical delimiters or 'ignore' instructions for the data being processed, though the text provides manual warnings.
  - Capability inventory: The skill facilitates destructive database operations (drop, delete, detach) across various reference files.
  - Sanitization: Relies on human-review checkpoints explicitly noted in 'references/partitioning.md', 'references/ps-insights.md', and 'references/process-architecture.md'.
- EXTERNAL_DOWNLOADS (LOW): The 'references/monitoring.md' file suggests installing 'pg_activity' via 'pip'. This is a well-known tool, but as it originates from a standard public registry, it is noted as an external dependency.