managed-db-services
Pass
Audited by Gen Agent Trust Hub on Jun 25, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill relies on official vendor infrastructure, utilizing the
doctlCLI and the authenticated DigitalOcean API (api.digitalocean.com) for all administrative actions. - [SAFE]: Sensitive data management adheres to security best practices by leveraging the platform's bindable variable system (e.g.,
${db.PASSWORD},${db.CA_CERT}) to inject credentials into application environments securely. - [SAFE]: Encryption in transit is enforced through documented requirements for SSL/TLS across all database engines (e.g.,
ssl-mode=REQUIREDfor MySQL andrediss://for Valkey). - [SAFE]: Network isolation is maintained through 'Trusted Sources' guidance, which instructs the agent to restrict database access to specific App Platform IDs or VPC CIDRs, reducing the attack surface.
- [SAFE]: Application integration snippets utilize standard, well-known libraries such as
kafkajsandconfluent-kafkawithout any malicious modifications or execution wrappers.
Audit Metadata