Configures database INSERT triggers that offload document chunking and embedding to Edge Functions.
94%
Does it follow best practices?
Impact
Pending
No eval scenarios have been run
Risky
Do not use without reviewing
Security
2 findings — 1 high severity, 1 medium severity. You should review these findings carefully before considering using this skill.
The skill handles credentials insecurely by requiring the agent to include secret values verbatim in its generated output. This exposes credentials in the agent’s context and conversation history, creating a risk of data exfiltration.
Insecure credential handling detected (high risk: 1.00). The SQL trigger template includes a placeholder that embeds the service role key directly into the pg_net HTTP headers ("Authorization: Bearer {SERVICE_ROLE_KEY}"), which would require outputting the secret verbatim into SQL/commands (high exfiltration risk), even though the Edge Function itself uses env vars.
The skill fetches instructions or code from an external URL at runtime, and the fetched content directly controls the agent’s prompts or executes code. This dynamic dependency allows the external source to modify the agent’s behavior without any changes to the skill itself.
Potentially malicious external URL detected (high risk: 0.90). The Edge Function template imports remote modules that are fetched and executed at runtime (https://deno.land/std@0.168.0/http/server.ts and https://esm.sh/@supabase/supabase-js@2), so these URLs are runtime external dependencies that directly cause execution of remote code.