alembic
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): The skill consists of instructional documentation and code snippets; no instructions designed to override agent behavior or bypass safety guardrails were found.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded secrets, sensitive file path access, or unauthorized network requests were identified. Database connection logic relies on standard configuration objects.
- [Unverifiable Dependencies] (SAFE): The listed dependencies (alembic, sqlalchemy, asyncpg, aiomysql) are well-known, legitimate packages from the official Python Package Index.
- [Dynamic Execution] (SAFE): Code snippets demonstrate the programmatic use of the Alembic API for its intended purpose of schema management. No unsafe use of eval() or execution of untrusted data was detected.
- [Indirect Prompt Injection] (SAFE): While the skill interacts with database schemas, it does not ingest untrusted external data in a manner that creates a vulnerability surface for indirect injection.
Audit Metadata