postgres
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches documentation search results from the official PostgreSQL website (
https://www.postgresql.org/search/) in thedocs.rsmodule. This is a reference to a well-known and trusted service for its intended purpose. - [COMMAND_EXECUTION]: The Rust CLI executes a local
gitcommand (git rev-parse --show-toplevel) to automatically resolve the project root directory inconfig.rs. This is a standard practice for development tools and is used only for path resolution. - [CREDENTIALS_UNSAFE]: While the skill manages database credentials, it explicitly instructs users to store them in a local
.skills/postgres/config.tomlfile and ensure it is listed in.gitignore. Additionally, the implementation inmain.rsincludes asanitize_error_messagefunction that uses regular expressions to mask passwords in connection strings and key-value pairs before they are displayed or logged. - [DATA_EXFILTRATION]: No evidence of data exfiltration was found. Network operations are restricted to established database connections and fetching documentation from official sources.
- [INDIRECT_PROMPT_INJECTION]: The skill acts as a database management interface, processing data returned from the database and reading SQL from local files. While this creates a surface for indirect prompt injection if the database contains malicious instructions, the skill is a specialized tool for the agent's own use, and the risk is inherent to the primary purpose of database interaction.
Audit Metadata