scanning-database-security


Database Security Scanner

Overview

Audit database security configurations, user privileges, network exposure, and data protection controls for PostgreSQL, MySQL, and MongoDB. This skill scans for common vulnerabilities including excessive privileges, missing encryption, default passwords, exposed network ports, unpatched versions, and SQL injection vectors in application code.

Prerequisites

  • Database admin credentials for querying system catalogs and security settings
  • psql, mysql, or mongosh CLI tools installed
  • Access to database configuration files (postgresql.conf, pg_hba.conf, my.cnf, mongod.conf)
  • Application source code access for SQL injection scanning (using Grep/Glob tools)
  • Knowledge of applicable compliance frameworks (SOC 2, HIPAA, PCI-DSS, GDPR)

Instructions

  1. Check authentication configuration by reviewing pg_hba.conf (PostgreSQL) or the mysql.user table (MySQL). Flag any entries using trust authentication, which allows connections without passwords. In PostgreSQL, verify that password_encryption = scram-sha-256 (not md5).
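
A sketch of the PostgreSQL half of this check, added here as an example and not part of the skill's own code: it flags trust rules in pg_hba.conf text and reads password_encryption from postgresql.conf text. The sample file contents and function names are constructed for illustration, and quoted fields and include directives are assumed absent.

```python
import ipaddress
import re

# Constructed sample inputs (not taken from any real server).
SAMPLE_HBA = """\
# TYPE  DATABASE  USER      ADDRESS          METHOD
local   all       postgres                   peer
local   all       all                        trust
host    all       all       127.0.0.1/32     scram-sha-256
host    app       app_rw    10.0.0.0 255.255.255.0 trust   # netmask form
hostssl all       all       0.0.0.0/0        scram-sha-256
"""
SAMPLE_CONF = """\
#password_encryption = scram-sha-256
password_encryption = md5    # should be scram-sha-256
"""

def _strip(line):
    return line.split("#", 1)[0].strip()

def _is_ip(token):
    try:
        ipaddress.ip_address(token)
        return True
    except ValueError:
        return False

def find_trust_entries(hba_text):
    """Return (line_no, type, database, user, address) for each trust rule."""
    findings = []
    for no, raw in enumerate(hba_text.splitlines(), 1):
        f = _strip(raw).split()
        if len(f) < 4:
            continue
        if f[0] == "local":          # local rules have no address column
            addr, idx = "(unix socket)", 3
        else:
            addr, idx = f[3], 4
            if _is_ip(addr) and len(f) > 5:   # bare IP: netmask column follows
                addr, idx = f"{addr} {f[4]}", 5
        if idx < len(f) and f[idx].lower() == "trust":
            findings.append((no, f[0], f[1], f[2], addr))
    return findings

def password_encryption(conf_text):
    """Return the last password_encryption value set, or None if unset."""
    pat = r"^[ \t]*password_encryption(?:[ \t]*=[ \t]*|[ \t]+)'?([\w-]+)"
    hits = re.findall(pat, conf_text, re.I | re.M)
    return hits[-1].lower() if hits else None
```

A return value of None from password_encryption means the file does not set it, so the server default applies; confirm the effective value with SHOW password_encryption in psql.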
First Seen: Mar 3, 2026
scanning-database-security — jeremylongshore/claude-code-plugins-plus-skills