skills/jeremylongshore/claude-code-plugins-plus-skills/monitoring-database-health/Gen Agent Trust Hub
monitoring-database-health
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill is configured with restricted bash access for database clients, specifically `psql`, `mysql`, and `mongosh`. This is necessary for its core function of monitoring database health and performing remediation steps.
- [PROMPT_INJECTION]: This skill interacts with untrusted data retrieved from external database systems (e.g., query results, logs, or metrics). This creates a surface for indirect prompt injection where malicious instructions stored in a database could influence the agent's behavior. The provided instructions lack explicit boundary markers or sanitization logic for processing this external data.
  - Ingestion points: Reads database metrics and status via `psql`, `mysql`, and `mongosh` tools referenced in `SKILL.md`.
  - Boundary markers: None identified in the instruction set or logic.
  - Capability inventory: Has `Write`, `Edit`, and `Bash` access to execute database commands as defined in `SKILL.md`.
  - Sanitization: No specific sanitization or validation of database query output is mentioned.
Audit Metadata