azure-postgres-ts

Pass

Audited by Gen Agent Trust Hub on May 1, 2026

Risk Level: SAFE
Full Analysis
  • Secure Authentication Implementation: The skill promotes the use of Microsoft Entra ID authentication via the @azure/identity package. This enables passwordless connections and managed identities, which significantly reduces the risk associated with managing and storing long-lived database credentials.
  • SQL Injection Prevention: The instructions include clear warnings against string concatenation and provide multiple examples of parameterized queries. This is a critical security practice that ensures user-provided data is handled safely by the database driver.
  • Connection Encryption: The documentation requires enabling SSL with the rejectUnauthorized: true configuration. This ensures that all communications between the application and the Azure database are encrypted and that the server's certificate is validated.
  • Safe Credential Management: The skill advises using environment variables for sensitive configuration details. This aligns with standard security recommendations to keep configuration separate from code and avoid hardcoding sensitive information.
  • Standard Library Usage: The code samples utilize the well-established pg (node-postgres) library and official Azure SDKs, which are trusted components within the Node.js ecosystem.
Audit Metadata
Risk Level: SAFE
Analyzed: May 1, 2026, 04:42 PM