postgres
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (LOW): The skill references several markdown files hosted on GitHub within the
planetscaleorganization. While PlanetScale is a well-known database provider, the organization is not included in the predefined trusted sources list, making these external references unverifiable by the system's strict trust policy. - [COMMAND_EXECUTION] (LOW): Recommends the installation of
pg_activityviapip install. In a strict 'assume-malicious' posture, installing third-party packages from non-whitelisted sources is flagged as a minor concern. - [COMMAND_EXECUTION] (SAFE): The skill provides numerous SQL queries and
pscaleCLI commands for database management. It demonstrates security best practices by including explicit bold warnings (e.g., 'Always confirm with a human before...') for all actions that could lead to data loss or service disruption. - [INDIRECT_PROMPT_INJECTION] (LOW): The skill provides an attack surface for indirect prompt injection through the processing of database metadata and API responses.
- Ingestion points: SQL query results from system views (
pg_stat_activity,pg_stat_statements) and PlanetScale API response data. - Boundary markers: Not explicitly defined in the provided markdown templates.
- Capability inventory: Subprocess execution (pscale CLI) and SQL execution capabilities.
- Sanitization: No explicit sanitization of external content is described in the reference material.
Audit Metadata