lightfast-db
Pass
Audited by Gen Agent Trust Hub on Apr 25, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill's functionality is scoped to read-only database interactions, with explicit notes preventing data modification via SQL or pnpm migration tools.
- [PROMPT_INJECTION]: The skill processes user-supplied data, presenting an indirect prompt injection surface.
  - Ingestion points: User input is ingested through the `$ARGUMENTS` variable in `command/lightfast-db.md`.
  - Boundary markers: User input is delimited by `<user-request>` tags to isolate it from skill instructions.
  - Capability inventory: The skill can execute SQL queries and inspect database metadata via the `postgres` MCP server.
  - Sanitization: There is no automated sanitization, although the agent is instructed to perform case conversion on table names.
- [COMMAND_EXECUTION]: The skill dynamically generates SQL queries from natural language input. This is the intended behavior for the skill, and the risk of abuse is mitigated by the read-only transaction constraint and the specific scope of the postgres MCP query tool.
Audit Metadata