Scan Report
5 /100
andara-rag-search
Search the Andara Ionic RAG knowledge base (3,800+ records) for business intel, research, products, team, meetings, and any indexed content.
A read-only RAG knowledge base search skill with all capabilities properly declared and no malicious behavior detected.
Safe to install
Approve for use. The skill is straightforward and all declared capabilities match the implementation.
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Shell | WRITE | WRITE | ✓ Aligned | SKILL.md: Uses 'bash' tool to run psql commands |
| Environment | READ | READ | ✓ Aligned | SKILL.md: Accesses $DATABASE_URL environment variable |
| Database | READ | READ | ✓ Aligned | SKILL.md: Explicitly states 'Never INSERT, UPDATE, or DELETE — read-only access … |
File Tree
1 files · 3.6 KB · 100 lines Markdown 1f · 100L
└─
SKILL.md
Markdown
Security Positives
✓ All capabilities explicitly declared in SKILL.md
✓ Read-only database access enforced and documented
✓ No credential harvesting or exfiltration behavior
✓ No obfuscation or base64-encoded payloads
✓ No suspicious file paths accessed (~/.ssh, ~/.aws, etc.)
✓ No remote script execution (curl|bash, wget|sh)
✓ No supply chain risks (no dependencies, single markdown file)
✓ No hidden functionality or documentation mismatch