prisma-client-api
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides documentation and code examples for using the Prisma ORM. All content is educational and follows industry-standard security practices.
- [COMMAND_EXECUTION]: The skill documents raw SQL execution methods ($queryRaw, $executeRawUnsafe). This is a standard feature of the library, and the documentation correctly highlights security risks, providing 'Safe' (parameterized) and 'Unsafe' (concatenation) examples to educate users on preventing SQL injection.
- [CREDENTIALS_UNSAFE]: Examples use process.env.DATABASE_URL for connection strings, which is the recommended practice for managing sensitive configuration via environment variables rather than hardcoding credentials.
- [EXTERNAL_DOWNLOADS]: The documentation references official and well-known Prisma ecosystem packages (e.g., @prisma/adapter-pg, @prisma/extension-accelerate, and various @prisma/sqlcommenter plugins) for extension and driver support.
Audit Metadata