Skills
skills/peachsolution/peach-harness/peach-gen-db/Gen Agent Trust Hub

peach-gen-db

Warn

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: MEDIUMCREDENTIALS_UNSAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill explicitly instructs the agent to read api/src/environments/env.local.yml to parse the DATABASE_URL. Since environment files typically contain sensitive connection strings and credentials, this poses a risk of data exposure.
  • [COMMAND_EXECUTION]: The skill suggests the execution of local shell commands (bun run db:up-dev) to apply migrations. This relies on the security of the project's internal scripts.
  • [PROMPT_INJECTION]: The skill features an indirect prompt injection surface by processing untrusted PRD files from docs/prd/. 1. Ingestion points: PRD files (docs/prd/). 2. Boundary markers: No delimiters or warnings are present. 3. Capability inventory: The skill writes migration files to api/db/migrations/. 4. Sanitization: No input validation or escaping of the PRD content is performed.
Audit Metadata
Risk Level
MEDIUM
Analyzed
May 6, 2026, 02:50 PM