The Agent Skills Directory

[SAFE]: Credential Management: The skill correctly utilizes environment variables (${DB2i_HOST}, ${DB2i_USER}, ${DB2i_PASS}) for database authentication in tools/database-application.yaml, avoiding hardcoded secrets.\n- [SAFE]: SQL Injection Mitigation: All database tools use named parameter binding (e.g., :sql_statement, :limit) in their SQL statements, ensuring that user-provided input is safely handled by the database engine.\n- [SAFE]: Least Privilege: Tools are restricted to read-only operations via the readOnly: true configuration in the tool definitions.\n- [SAFE]: Indirect Prompt Injection Surface: The skill analyzes data from system logs and user input. (1) Ingestion points: sql_statement parameter and STATEMENT_TEXT from SQL_ERROR_LOG. (2) Boundary markers: None. (3) Capability inventory: Read-only SQL queries. (4) Sanitization: Input parameter binding. The risk is mitigated by the lack of write capabilities and the structured tool responses.\n- [SAFE]: Connection Security: The tool configuration in tools/database-application.yaml includes ignore-unauthorized: true which disables SSL certificate verification; while common in development or internal environments, this is documented as a best-practice deviation rather than a critical vulnerability.

database-application