postgresql-rails-analyzer

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No security threats or malicious patterns were identified. The skill's behavior is consistent with its stated purpose of database performance auditing and optimization.- [INDIRECT_PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it is designed to ingest and analyze untrusted data from a user's Rails codebase.
  • Ingestion points: Processes Ruby controller actions, view files, and the database.yml configuration file (SKILL.md).
  • Boundary markers: No specific markers or instructions are defined to delimit untrusted codebase content from the analysis context.
  • Capability inventory: Executes local Python analysis scripts (scripts/analyze_n_plus_one.py, scripts/analyze_indexes.py, scripts/analyze_config.py) and generates Rails migration code.
  • Sanitization: No explicit sanitization or filtering of the analyzed file content is documented.
Audit Metadata
Risk Level
SAFE
Analyzed
May 20, 2026, 02:03 PM
Security Audit — agent-trust-hub — postgresql-rails-analyzer