postgresql-ai-platform

Pass

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill content is educational, focusing on PostgreSQL AI patterns and extensions. No malicious behaviors or code were found.\n- [PROMPT_INJECTION]: The skill describes an architecture with an indirect prompt injection surface (RAG/NL2SQL). Evidence chain:\n
  • Ingestion points: Untrusted data enters the context through documents and chunks tables (SKILL.md).\n
  • Boundary markers: Instructions include defining schema-aware LLM contexts and guardrails.\n
  • Capability inventory: Uses pgai for LLM calls and executes generated SQL.\n
  • Sanitization: Requires SQL validation (SELECT only), row limits, and parameterization.\n- [EXTERNAL_DOWNLOADS]: The skill references the pgai extension for making network calls to OpenAI. This is a neutral finding involving a well-known service for the skill's primary purpose.
Audit Metadata
Risk Level
SAFE
Analyzed
May 14, 2026, 11:15 AM
Security Audit — agent-trust-hub — postgresql-ai-platform