postgresql-expert-best-practices-code-review
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No patterns of instruction override, role-play jailbreaks, or safety filter bypasses were found.
- [Data Exposure & Exfiltration] (SAFE): No access to sensitive system files, hardcoded credentials, or network exfiltration patterns identified. The skill only contains SQL DDL examples.
- [Obfuscation] (SAFE): No Base64, zero-width characters, or other encoding techniques were used to hide content.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill does not include any scripts or package manifests (e.g., package.json, requirements.txt) and does not perform remote downloads.
- [Privilege Escalation] (SAFE): No use of sudo, chmod, or other privilege-altering commands found. The SQL commands are standard for database maintenance.
- [Persistence Mechanisms] (SAFE): No attempts to modify system startup files or schedule tasks were detected.
- [Metadata Poisoning] (SAFE): Metadata fields are relevant and descriptive of the skill's intended use-case.
- [Indirect Prompt Injection] (SAFE): Although the skill is designed to process user-provided database schemas, it lacks any execution capabilities or tool-use that could be exploited via malicious data.
- [Time-Delayed / Conditional Attacks] (SAFE): No logic gating behavior based on time or environment variables was found.
- [Dynamic Execution] (SAFE): No runtime code generation, deserialization, or dynamic loading patterns were identified.
Audit Metadata