The Agent Skills Directory

[PROMPT_INJECTION]: The skill's primary function is to analyze slow queries and execution plans, which are ingestion points for potentially untrusted data. This makes it susceptible to indirect prompt injection where malicious instructions could be embedded within the database logs or query strings to influence the agent's analysis.
Ingestion points: Analysis of slow queries, execution plans, and system metrics as specified in the Core Workflow of SKILL.md.
Boundary markers: Absent. There are no instructions to use delimiters or ignore embedded natural language instructions within the processed SQL data.
Capability inventory: The skill generates powerful administrative commands such as ALTER SYSTEM SET (PostgreSQL) and SET GLOBAL (MySQL), as well as schema-altering operations like CREATE INDEX and VACUUM FULL (references/postgresql-tuning.md, references/mysql-tuning.md).
Sanitization: Absent. There is no mention of validating or escaping the query data before it is processed by the agent.
[NO_CODE]: The skill is comprised entirely of Markdown files and SQL templates. It does not include any Python scripts, Node.js modules, or binary executables, which eliminates the risk of direct remote code execution or automated persistence.

database-optimizer