postgres
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements robust security controls for database interactions. It enforces a read-only session at the database driver level (`readonly=True`), which serves as a primary defense against unauthorized data modification or deletion. Additionally, it performs client-side validation to ensure only SELECT-style queries are executed and rejects multi-statement queries to prevent injection attacks.
- [SAFE]: Configuration management includes security awareness features. The tool checks for insecure file permissions (group/world readable) on the `connections.json` file and provides specific remediation instructions (`chmod 600`) to protect the stored database credentials. Error handling is also sanitized to prevent leaking passwords or sensitive authentication details in the event of a connection failure.
- [SAFE]: The skill includes resource protection mechanisms, such as a 30-second statement timeout, a hard limit of 10,000 rows per query, and character limits on column widths. These measures prevent memory exhaustion and denial-of-service conditions when processing large datasets.
- [SAFE]: Regarding indirect prompt injection risks: (1) Ingestion points: Database query results are ingested into the agent context via `scripts/query.py`. (2) Boundary markers: Results are visually isolated using text-based table formatting. (3) Capability inventory: The skill is limited to read-only SQL queries and lacks file-write, network exfiltration, or subprocess execution capabilities. (4) Sanitization: The script truncates long fields, which limits the volume of untrusted data processed at once.
Audit Metadata