postgresql-database-engineering

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The skill includes multiple examples that embed plaintext passwords and connection strings with passwords (e.g., CREATE USER ... PASSWORD 'secure_password', primary_conninfo = '... password=secure_password', subscription/FDW connection strings), which encourages generating outputs that contain secret values verbatim and thus poses an exfiltration risk.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.90). The skill includes explicit privileged system-administration steps—editing PostgreSQL system config files, running systemctl, removing/restoring /var/lib/postgresql data directories, and creating recovery signal files—that modify machine state and typically require sudo/root access.