pikku-trigger

Enables event-driven functions to respond to system events using Redis pub/sub and PostgreSQL LISTEN/NOTIFY for real-time processing.

Install this skill

75/100

Security score

The pikku-trigger skill was audited on Jun 6, 2026 and we found 5 security issues across 2 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 109

Template literal with variable interpolation in command context

SourceSKILL.md

109	logger.info(`Order event on ${channel}`, message)

medium line 145

Template literal with variable interpolation in command context

SourceSKILL.md

145	throw new Error(`Invalid channel name: ${channel}`)

medium line 153

Template literal with variable interpolation in command context

SourceSKILL.md

153	await client.query(`LISTEN ${channel}`)

medium line 156

Template literal with variable interpolation in command context

SourceSKILL.md

156	await client.query(`UNLISTEN ${channel}`)

medium line 21

Webhook reference - potential data exfiltration

SourceSKILL.md

21	Wire Pikku functions to fire when external events occur. Triggers connect event sources (Redis pub/sub, PostgreSQL LISTEN/NOTIFY, polling, webhooks) to Pikku functions.

Scanned on Jun 6, 2026

View Security Dashboard

Installation guide →

GitHub Stars 56

Rate this skill

Categorydevelopment

UpdatedJune 15, 2026

opencode frontend react api database testing backend-developer data-engineer devops-sre redis postgresql development

pikkujs/pikku