perfex-database
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security risks detected. The skill is entirely instructional markdown providing architectural patterns for Perfex CRM modules.
- [SAFE]: Promotes security best practices by explicitly warning against SQL injection and recommending the use of parameterized queries and CodeIgniter's query builder for data handling.
- [SAFE]: Advises on race-safe data updates using atomic SQL patterns to prevent concurrency issues.
- [SAFE]: External references are limited to official developer documentation for CodeIgniter and MySQL database limits.
- [INDIRECT_PROMPT_INJECTION]: The skill instructs the agent to process database schemas and migrations. While this is an ingestion surface for untrusted data, the skill includes strong defensive guidance for sanitization via parameterized queries and escaping. (Ingestion points: live DB schema and install.php files; Boundary markers: absent; Capability inventory: SQL and PHP code generation; Sanitization: parameterization and character escaping recommended).