postgresql-rails-analyzer
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security threats or malicious patterns were identified. The skill's behavior is consistent with its stated purpose of database performance auditing and optimization.- [INDIRECT_PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it is designed to ingest and analyze untrusted data from a user's Rails codebase.
- Ingestion points: Processes Ruby controller actions, view files, and the database.yml configuration file (SKILL.md).
- Boundary markers: No specific markers or instructions are defined to delimit untrusted codebase content from the analysis context.
- Capability inventory: Executes local Python analysis scripts (scripts/analyze_n_plus_one.py, scripts/analyze_indexes.py, scripts/analyze_config.py) and generates Rails migration code.
- Sanitization: No explicit sanitization or filtering of the analyzed file content is documented.
Audit Metadata