database-performance-debugging

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill includes SQL commands for database configuration and performance monitoring, such as enabling slow query logs and creating extensions. These are standard administrative tasks necessary for the skill's primary purpose.
      • Evidence: "SET GLOBAL slow_query_log = 'ON';" and "CREATE EXTENSION pg_stat_statements;" in SKILL.md and references/identify-slow-queries.md.
  • [PROMPT_INJECTION]: The skill exposes an attack surface for indirect prompt injection because it processes database query logs and execution plans, which may contain untrusted query strings.
      • Ingestion points: Database logs (mysql.slow_log) and statement statistics (pg_stat_statements) as seen in references/identify-slow-queries.md.
      • Boundary markers: No specific delimiters or safety instructions are defined for parsing these logs.
      • Capability inventory: The skill can execute SQL queries and run shell scripts (e.g., scripts/validate-schema.sh).
      • Sanitization: No explicit sanitization of log content is implemented.
  • [SAFE]: The shell script provided in the skill is a placeholder and does not execute any remote code or perform unsafe file operations.
      • Evidence: scripts/validate-schema.sh is a stub that only echoes messages.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 5, 2026, 01:38 PM