skills/jeremylongshore/claude-code-plugins-plus-skills/analyzing-database-indexes/Gen Agent Trust Hub
analyzing-database-indexes
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill correctly uses scoped database CLI tools (
psql,mysql,mongosh) to perform performance analysis by querying database system catalogs. - [COMMAND_EXECUTION]: The included script
scripts/analyze_indexes.pyperforms generic file system directory traversal and calculates metadata statistics (size, type), though this implementation does not align with the script's name and documentation regarding database index analysis. - [PROMPT_INJECTION]: The skill features an indirect prompt injection surface as it processes external data from database query results.
- Ingestion points: Data returned from database queries (table names, query statistics) enter the agent context via CLI tools.
- Boundary markers: No specific delimiters or boundary markers are defined in
SKILL.mdto isolate external database content from instructions. - Capability inventory: The skill possesses file write (
Write), edit (Edit), and shell execution (Bash) capabilities across all files. - Sanitization: The instructions do not define sanitization or validation protocols for processing external database content.
- [SAFE]: No evidence of credential exposure, unauthorized data exfiltration, or persistence mechanisms was found in the provided files.
Audit Metadata