postgres
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches documentation search results from the official postgresql.org website. This is a well-known and trusted service provided by the technology vendor.
- [CREDENTIALS_UNSAFE]: The Rust CLI implementation in projects/postgres/src/main.rs includes a sanitize_error_message function specifically designed to detect and mask passwords in PostgreSQL connection URLs and environment variables, preventing credential leakage in logs or user output.
- [COMMAND_EXECUTION]: The tool executes SQL commands as its primary function. It includes guardrails such as mandatory user approval for Data Definition Language (DDL) changes and the use of prepared statements where applicable to manage query safety.
- [PROMPT_INJECTION]: The skill processes data from external database schemas and query results, which constitutes an indirect prompt injection surface. The instructions mitigate this by advising the agent to report direct answers before providing supporting context and requiring validation for schema changes.
- [SAFE]: The skill architecture uses a compiled Rust binary and local configuration files (config.toml) managed within the project's own directory structure, following standard patterns for secure local tools.
Audit Metadata