PostgreSQL Diagnostic Runbook

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill documentation provides installation commands using npx and clawhub to fetch the runbook from the vendor's repository.
  • [COMMAND_EXECUTION]: Provides shell instructions for installing the skill across multiple agent frameworks including Claude Code, Cursor, and Codex.
  • [PROMPT_INJECTION]: The skill processes untrusted data from PostgreSQL system views, creating an indirect prompt injection surface.
      • Ingestion points: Output from SQL queries against pg_stat_statements, pg_stat_activity, and pg_locks as described in SKILL.md.
      • Boundary markers: The documentation does not specify the use of delimiters or markers to isolate database query results from the agent's internal instructions.
      • Capability inventory: Analyzing database performance metrics and generating remediation recommendations or configuration changes.
      • Sanitization: There is no evidence of sanitization or validation logic applied to the data retrieved from the database before analysis.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 29, 2026, 03:37 AM