Back to skill

Security audit

Pgadmin Manager

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward local pgAdmin Docker helper, with the main caution being its disclosed weak default password for a localhost-only admin UI.

Reasonable to install for local development if you trust the Docker image and need pgAdmin. Set a strong `PGADMIN_PASSWORD`, avoid storing sensitive production database connections in this local pgAdmin instance, and remove the `pgadmin_data` volume when you no longer want saved server configurations to persist.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
76% confidence
Finding
The trigger phrases are somewhat broad and could cause accidental invocation, especially with generic phrases like 'admin postgres' or 'interface postgres'. In an automation context, unintended activation can lead to container lifecycle actions or disclosure of service access details without the user explicitly targeting this skill.

Vague Triggers

Low
Confidence
97% confidence
Finding
The service defines weak default administrative credentials (`admin@codai.local` / `pgadmin`) that will be used whenever environment variables are not explicitly set. Even though the port is bound to localhost, any local user, malware, browser-based localhost attack, or unintended proxy exposure could authenticate to pgAdmin and gain administrative access to stored database connection details and the database management UI.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.