turso-db
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides instructions for downloading the Turso CLI and various official SDKs from trusted package registries and the official GitHub organization.
- Evidence: SKILL.md and SDK files reference @tursodatabase/database (NPM), pyturso (PyPI), and the tursodatabase GitHub organization.
- [REMOTE_CODE_EXECUTION]: Documentation includes a standard installation command for the Turso CLI that downloads and executes a shell script from the official release page.
- Evidence: SKILL.md contains a
curl | shcommand targetinghttps://github.com/tursodatabase/turso/releases/latest/download/turso_cli-installer.sh. - [COMMAND_EXECUTION]: The skill includes extensive examples for using the
tursodbCLI and executing SQL statements via SDKs, following industry-standard practices. - Evidence: SKILL.md and various SDK files demonstrate SQL operations like
CREATE TABLE,INSERT, andSELECT. - [SAFE]: No security threats such as prompt injection, credential exfiltration, or persistence mechanisms were found. The skill correctly promotes security best practices, such as using parameterized queries and page-level encryption.
Audit Metadata