kysely-postgres

Facilitates type-safe PostgreSQL queries in Node.js/TypeScript using Kysely, enhancing database interaction and migration management.

Install this skill

or

64/100

Security score

The kysely-postgres skill was audited on Feb 12, 2026 and we found 8 security issues across 2 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 125

Template literal with variable interpolation in command context

SourceSKILL.md

125	sql<string>`${eb.ref("first_name")} \|\| ' ' \|\| ${eb.ref("last_name")}`.as("full_name"),

medium line 432

Template literal with variable interpolation in command context

SourceSKILL.md

432	.where((eb) => eb(sql`${searchTerm}`, "=", eb.fn("any", [eb.ref("tags")])))

medium line 493

Template literal with variable interpolation in command context

SourceSKILL.md

493	sql`jsonb_build_object('val', ${searchValue}::text)`,

medium line 508

Template literal with variable interpolation in command context

SourceSKILL.md

508	.$if(!!searchTerm, (qb) => qb.where("name", "like", `%${searchTerm}%`))

medium line 563

Template literal with variable interpolation in command context

SourceSKILL.md

563	return sql<string>`lower(${expr})`;

medium line 886

Template literal with variable interpolation in command context

SourceSKILL.md

886	return sql`CAST(${JSON.stringify(value)} AS JSONB)`;

medium line 914

Template literal with variable interpolation in command context

SourceSKILL.md

914	return sql`CAST(${JSON.stringify(this.#value)} AS JSONB)`.toOperationNode();

low line 691

Access to .env file

SourceSKILL.md

691	connectionString: process.env.DATABASE_URL,

Scanned on Feb 12, 2026

View Security Dashboard

Installation guide →

GitHub Stars 106

Rate this skill

Categorydevelopment

UpdatedMay 21, 2026

openclaw database backend backend-developer data-engineer product-manager postgresql development product

majiayu000/claude-skill-registry