database-migration
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the Bash tool to execute standard database management commands such as
pnpm db:generateandpnpm db:migrate. These operations are restricted to the local development environment and are part of the primary functionality. - [EXTERNAL_DOWNLOADS]: The skill references well-known and trusted Node.js packages including
drizzle-orm,drizzle-kit, and@testcontainers/postgresqlfor database abstraction and testing. - [CREDENTIALS_UNSAFE]: The configuration example correctly recommends using the
DATABASE_URLenvironment variable rather than hardcoding credentials. - [DATA_EXFILTRATION]: No network exfiltration or unauthorized file access patterns were detected. The use of Testcontainers for verification is a security best practice for isolated testing.
Audit Metadata