clickhouse-operations

Fail

Audited by Socket on Feb 24, 2026

2 alerts found:

Malware, Anomaly

Malware HIGH
SKILL.md

[Skill Scanner] Destructive bash command detected (rm -rf, chmod 777)

All findings:
[CRITICAL] command_injection: Destructive bash command detected (rm -rf, chmod 777) (CI004) [AITech 9.1.4]
[CRITICAL] command_injection: Destructive bash command detected (rm -rf, chmod 777) (CI004) [AITech 9.1.4]

This skill is an operations runbook for ClickHouse and does not contain indicators of deliberate malicious code or supply-chain attack patterns (no remote download-and-execute, no obfuscated payloads, no third-party credential forwarding). It contains high-privilege administrative scripts (SSH as root, rsync of data directories, stopping/starting services, rm -rf retention) which are expected for backup/restore but require strict operational controls: restrict SSH keys, use non-root automation accounts when possible, encrypt backups, use integrity checks (signatures/hashes), and avoid dangerous 'rm -rf' patterns without explicit path validation. Overall, the content is coherent with its purpose but has medium operational risk if run without hardened processes.

LLM verification: This skill appears to be a legitimate ClickHouse operations runbook containing useful monitoring, diagnostics, and backup/restore procedures. It includes destructive and high-privilege operations (rm -rf cleanup, DROP PARTITION, rsync to overwrite /var/lib/clickhouse, remote apt-get via ssh) that are normal for operator runbooks but must be handled with strict access controls, verification steps, and safeguards. I do not find evidence of intentional malicious code or obfuscation, but the presenc

Confidence: 95%
Severity: 90%

Anomaly LOW
references/troubleshooting.md

This is an operational troubleshooting guide (ClickHouse) containing diagnostic queries and administrative remediation steps. It does not contain obfuscated code or explicit malware/backdoors. However, it includes multiple destructive and high-impact operations (rm -rf backups, DROP PARTITION, DROP REPLICA, forceful process kills, resetting Kafka offsets) that can cause data loss, downtime or heavy cluster activity if executed without careful review. Treat the examples as documentation only; do not copy-paste destructive commands into production without verifying scope and backups.

Confidence: 90%
Severity: 60%

Audit Metadata
Analyzed At: Feb 24, 2026, 05:26 PM
Package URL: pkg:socket/skills-sh/dawiddutoit%2Fcustom-claude%2Fclickhouse-operations%2F@32497a3ac8b102a6dc7a9892d4585ff194bbbb38