natural-language-postgres
Fail
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: HIGH | EXTERNAL_DOWNLOADS | REMOTE_CODE_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (HIGH): The skill instructs users to clone a repository from an untrusted GitHub account (Eng0AI).
- [REMOTE_CODE_EXECUTION] (HIGH): The installation process involves running pnpm install and pnpm build on untrusted code, which can execute malicious scripts during the install or build phases.
- [COMMAND_EXECUTION] (MEDIUM): The instructions include manual shell commands for file manipulation and environment setup.
- [CREDENTIALS_UNSAFE] (SAFE): Environment variables are used for secrets; no hardcoded credentials were found in the skill file itself.
- [DATA_EXFILTRATION] (LOW): Code from an untrusted source will have access to the configured database and API keys, creating a risk of data theft.
Recommendations
- AI detected serious security threats
Audit Metadata