drizzle
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides legitimate instructions and code templates for the Drizzle ORM, a well-known TypeScript library.
- [DATA_EXPOSURE_AND_EXFILTRATION]: The examples demonstrate secure secret management by using environment variables (
process.env.DATABASE_URL,process.env.TURSO_AUTH_TOKEN) instead of hardcoding sensitive credentials. - [COMMAND_EXECUTION]: The skill includes standard development commands for package installation and database migrations via
npx drizzle-kit, which are appropriate for its stated purpose. - [SAFE]: Database queries are constructed using Drizzle's type-safe query builder or the
sqltemplate literal tag, both of which automatically parameterize inputs to protect against SQL injection attacks.
Audit Metadata