database-monitoring
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill includes administrative SQL commands for managing database processes, such as pg_terminate_backend, pg_cancel_backend, and KILL CONNECTION. These are standard tools for database administrators to troubleshoot stuck or long-running queries and are consistent with the skill's purpose.
- [EXTERNAL_DOWNLOADS]: References the postgres_exporter utility from the prometheus-community GitHub organization. This is a well-known, trusted source for database monitoring tools.
- [PROMPT_INJECTION]: The skill involves reading data from system tables that log user-generated query strings (e.g., pg_stat_activity.query, pg_stat_statements.query, and INFORMATION_SCHEMA.PROCESSLIST). This creates a surface for indirect prompt injection.
- Ingestion points: System views containing query text generated by external database users (SKILL.md).
- Boundary markers: None present; the SQL queries retrieve raw text from logs without delimiters.
- Capability inventory: The skill allows for the execution of administrative SQL commands, including process termination and table maintenance.
- Sanitization: No sanitization or 'ignore instructions' warnings are provided for the analysis of logged query text.
Audit Metadata