supabase-postgres-best-practices

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • Trusted Source (SAFE): The skill is attributed to Supabase and references official documentation. Per [TRUST-SCOPE-RULE], these sources are considered reliable.
  • Prompt Injection (SAFE): No patterns of instruction overriding, role-play jailbreaks, or system prompt extraction were found across the 38 files.
  • Data Exposure & Exfiltration (SAFE): No hardcoded credentials or secrets were detected; SQL examples use generic placeholders like 'xxx'. No network exfiltration commands (curl, wget) or sensitive file path access (e.g., ~/.ssh) are present.
  • Obfuscation (SAFE): All content is provided in clear Markdown and SQL. No Base64 encoding, zero-width characters, or homoglyph-based evasion techniques were identified.
  • Code Execution (SAFE): The skill contains documentation and static SQL examples. While it mentions an npm build process for validation, no suspicious remote code execution or piped bash scripts are present.
  • Indirect Prompt Injection (LOW): (1) Ingestion point: The agent reads various Markdown files in the references directory. (2) Boundary markers: Content is clearly delimited by Markdown headers and code blocks. (3) Capability inventory: The skill is intended to guide SQL generation and optimization. (4) Sanitization: Content is static and provided by a trusted source, presenting a low surface area for adversarial input injection.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:42 PM