sql-query-optimizer

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • Privilege Escalation (HIGH): The script scripts/detect-slow-queries.ts attempts to execute ALTER DATABASE mydb SET log_min_duration_statement = 100;. This requires administrative or superuser privileges on the database and modifies system-level configurations.
  • Indirect Prompt Injection (HIGH): The skill is designed to ingest and process external SQL queries for optimization.
      • Ingestion points: User-provided queries in benchmark-queries.ts and log data from pg_stat_statements in detect-slow-queries.ts.
      • Boundary markers: None present. The queries are passed directly into execution blocks.
      • Capability inventory: Uses prisma.$queryRaw and prisma.$executeRaw which execute raw SQL commands against the database.
      • Sanitization: No sanitization or validation of the SQL content is performed before execution, allowing a malicious query to perform unauthorized data modification or exfiltration during the 'benchmarking' phase.
  • Dynamic Execution (HIGH): The use of prisma.$queryRaw in scripts/benchmark-queries.ts to run unknown queries for performance measurement constitutes dynamic execution of potentially malicious code. If an attacker provides a query containing destructive commands (e.g., DROP TABLE), the agent will execute it as part of the benchmark process.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 08:48 PM