sql-query-optimization

Pass

Audited by Gen Agent Trust Hub on Feb 15, 2026

Risk Level: LOW
COMMAND_EXECUTION, DATA_EXFILTRATION, NO_CODE
Full Analysis
  • [COMMAND_EXECUTION] (LOW): The skill recommends the use of EXPLAIN (ANALYZE, ...) for PostgreSQL. Unlike a standard EXPLAIN, the ANALYZE flag causes the database to actually execute the query. If an agent applies this to a destructive query (e.g., DELETE or UPDATE) provided by an untrusted source, the data modification will occur during the analysis phase.
  • [DATA_EXFILTRATION] (LOW): The skill provides patterns for querying pg_stat_statements and mysql.slow_log. These system tables often contain the full text of queries executed by all users on the database, which may inadvertently expose PII, session tokens, or other sensitive data if the application does not use parameterized queries.
  • [COMMAND_EXECUTION] (LOW): The skill includes administrative commands such as SET GLOBAL slow_query_log = 'ON' and pg_stat_statements_reset(). Suggesting these patterns to an AI agent might lead to unauthorized configuration changes or the clearing of audit logs if the agent has elevated database privileges.
  • [NO_CODE] (SAFE): This skill is entirely documentation-based (Markdown) and does not include any executable scripts, binaries, or third-party package dependencies.
Audit Metadata
Risk Level: LOW
Analyzed: Feb 15, 2026, 09:15 PM