supabase-data-handling
Pass
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: SAFE
Full Analysis
- [COMM AND_EXECUTI ON]: The s kill correc tly utilize s shell too ls such as
supaba se,psql, andpg_dum pfor datab ase adminis tration, b ackups, an d complianc e-related d ata exports as document ed in the m anifest. - [DATA_E XFILTRATIO N]: The sk ill handles personal da ta (PII) on ly for the purpose of compliance audits, dele tion, and r equested ex ports. No u nauthorize d trans fer s to extern al or untru sted domain s were dete cted.
- [CREDENTI ALS_UNSAFE ]: The imp lementatio n follows s ecurity bes t practice s by using standard en vironment v ariable pla ceholders ( e.g.,
SUPA BASE_SERVIC E_ROLE_KEY) rather th an hardcodi ng sensitiv e keys. - [PROMPT_IN JECTION]: The skill p rocesses un trusted dat a from the database fo r PII scann ing and exp ort purpos es. This co nstitutes a n indirect prompt inje ction surfa ce, but the logic is f ocused on p attern matc hing and ad ministrativ e processin g with no a utonomous e xecution of data conten t.
Audit Metadata