pg_stat_statements

Warn

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the execution of sudo systemctl restart postgresql and docker restart postgres to apply configuration changes. These commands require elevated privileges to manage system-level services.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through the ingestion of untrusted data.
  • Ingestion points: Data is read from the query column of the pg_stat_statements view (SKILL.md).
  • Boundary markers: No delimiters or instructions to ignore embedded commands are present when processing the query text.
  • Capability inventory: The skill has the capability to execute shell commands (via sudo) and SQL commands.
  • Sanitization: There is no evidence of sanitization or filtering of the SQL query strings before they are returned to the agent context.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 6, 2026, 05:28 PM