postgresql-performance
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (HIGH): The skill is designed to process user-provided SQL queries for optimization.
- Ingestion points: The
analyze_queryoperation inSKILL.mdtakes SQL strings as input. - Capability inventory: Database execution via PostgreSQL. The skill specifically promotes
EXPLAIN ANALYZE, which executes the query. - Sanitization: There is no evidence of SQL sanitization or restriction to read-only operations in the provided scripts.
- Boundary markers: No explicit delimiters are defined for SQL input.
- [Command Execution] (MEDIUM): Database-level command execution risk.
- Evidence:
SKILL.mdandreferences/GUIDE.mdsuggest executing commands likeEXPLAIN ANALYZE. These can be abused to extract sensitive data or modify the database if the agent is given a malicious query string.
Recommendations
- AI detected serious security threats
Audit Metadata