postgresql-ai-platform
Pass
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill content is educational, focusing on PostgreSQL AI patterns and extensions. No malicious behaviors or code were found.\n- [PROMPT_INJECTION]: The skill describes an architecture with an indirect prompt injection surface (RAG/NL2SQL). Evidence chain:\n
- Ingestion points: Untrusted data enters the context through
documentsandchunkstables (SKILL.md).\n - Boundary markers: Instructions include defining schema-aware LLM contexts and guardrails.\n
- Capability inventory: Uses
pgaifor LLM calls and executes generated SQL.\n - Sanitization: Requires SQL validation (SELECT only), row limits, and parameterization.\n- [EXTERNAL_DOWNLOADS]: The skill references the
pgaiextension for making network calls to OpenAI. This is a neutral finding involving a well-known service for the skill's primary purpose.
Audit Metadata