neo4j-query-tuning-skill
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides instructions for using administrative Neo4j commands such as TERMINATE TRANSACTION, TERMINATE QUERY, and index creation (CREATE INDEX), which are used for monitoring and optimizing database performance.
- [DATA_EXFILTRATION]: Includes a curl command template used to execute queries against a remote Neo4j API. While this involves outbound network communication to user-provided hosts, it is a standard method for interacting with database services.
- [PROMPT_INJECTION]: The skill has a potential surface for indirect prompt injection because it processes database-generated execution plans (EXPLAIN and PROFILE output) which could be influenced by malicious schema metadata.
- Ingestion points: SKILL.md and reference files (interpretation of Cypher execution plan metrics and operator tables).
- Boundary markers: Absent; the skill does not provide specific delimiters or warnings to ignore instructions embedded within the database output.
- Capability inventory: The skill is authorized to use Bash and WebFetch tools and generates complex Cypher commands for database execution.
- Sanitization: There is no explicit sanitization of the database output before it is processed by the agent.
Audit Metadata