postgresql-json
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [Prompt Injection] (SAFE): No instructions designed to bypass agent safety filters or override system behavior were detected.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, sensitive file path access, or unauthorized network activity identified.
- [Unverifiable Dependencies] (SAFE): Python scripts rely on standard libraries and PyYAML; no remote script execution or untrusted package downloads.
- [Indirect Prompt Injection] (INFO): The skill identifies database content as an ingestion point for untrusted data. Evidence: 1. Ingestion points: JSONB data retrieved from database queries. 2. Boundary markers: No explicit delimiters in SQL snippets. 3. Capability inventory: SQL transformation and query operators. 4. Sanitization: Documentation and scripts use safe_load for configurations.
- [Dynamic Execution] (SAFE): No use of eval, exec, or unsafe deserialization of untrusted data was found; yaml.safe_load() is correctly used for configuration parsing.
Audit Metadata