PostgreSQL Performance Runbook
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill performs legitimate database diagnostic functions by querying PostgreSQL system views such as pg_stat_activity and pg_locks to identify performance bottlenecks.
- [EXTERNAL_DOWNLOADS]: The installation instructions provide commands using npx and clawhub to fetch the skill from the author's (agentskillexchange) official repository.
- [COMMAND_EXECUTION]: The skill documentation mentions utilizing pg_reload_conf() to apply database configuration adjustments, which is a standard administrative function in PostgreSQL performance tuning.
- [PROMPT_INJECTION]: The skill processes and interprets database query results and EXPLAIN ANALYZE reports, which represents an ingestion surface for potential indirect prompt injection if the database content is attacker-controlled.
  - Ingestion points: PostgreSQL query results and execution plan outputs (SKILL.md).
  - Boundary markers: Not explicitly defined in the provided runbook documentation.
  - Capability inventory: Database connectivity, diagnostic query execution, and report interpretation.
  - Sanitization: Not specified in the provided skill definition.