Skills
skills/gemini-cli-extensions/cloud-sql-postgresql/cloud-sql-postgres-lifecycle/Gen Agent Trust Hub

cloud-sql-postgres-lifecycle

Pass

Audited by Gen Agent Trust Hub on Apr 28, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The scripts use the spawn method to execute the @toolbox-sdk/server command-line tool. This is a standard pattern for delegating logic to a specialized SDK.
  • [EXTERNAL_DOWNLOADS]: The skill utilizes npx to dynamically fetch the @toolbox-sdk/server package at version 1.1.0 from the public npm registry. This is a common practice for Node.js-based tooling.
  • [CREDENTIALS_UNSAFE]: The skill handles sensitive information, such as CLOUD_SQL_POSTGRES_PASSWORD, by loading it from environment variables or local .env files. The implementation follows security best practices by encouraging the use of environment-based configuration rather than hardcoding secrets.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 28, 2026, 10:24 PM