514-perf-optimize

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFE, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the 'Bash' tool to execute '514' CLI commands for database profiling, as well as 'git' and 'gh' for version control and pull request management. These executions are legitimate and necessary for the optimization workflow.
  • [DATA_EXFILTRATION]: Stage 3c involves moving data between production and preview databases ('INSERT INTO ... SELECT') for benchmarking purposes. This internal data movement is explicitly documented and occurs within the user's ClickHouse cluster, requiring manual approval via 'AskUserQuestion' to prevent unauthorized data transfer.
  • [PROMPT_INJECTION]: The skill is subject to potential indirect prompt injection as it processes external query logs and schema metadata (Stage 2b, 2c). However, it implements a robust mitigation strategy by using the 'AskUserQuestion' tool to review and approve all generated SQL and EXPLAIN queries before they are executed. Ingestion points include metric query results; capabilities include subprocess execution via Bash; sanitization is handled via manual user review checkpoints.
  • [SAFE]: The skill demonstrates a security-conscious design by distinguishing between safe diagnostic commands and high-risk raw queries, ensuring all modifications to the infrastructure or data are transparent to and approved by the user. All referenced resources belong to the verified vendor or well-known services.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 9, 2026, 10:10 PM