The Agent Skills Directory

[COMMAND_EXECUTION]: The skill instructs the agent to utilize the hogli CLI tool (e.g., hogli metabase:query, hogli metabase:databases) for interacting with PostHog's production ClickHouse clusters via Metabase interfaces.
[DATA_EXFILTRATION]: Performs network operations to PostHog's official Metabase domains (metabase.prod-us.posthog.dev and metabase.prod-eu.posthog.dev) to execute analytical queries. These are trusted vendor endpoints used for their intended operational purpose.
[PROMPT_INJECTION]: The skill analyzes historical HogQL and SQL queries retrieved from audit logs, which constitutes an indirect prompt injection surface. However, the risk is negligible as the agent's capabilities are focused on data aggregation and read-only code exploration.
Ingestion points: Data is ingested from the posthog.query_log_archive table, which contains user-generated and AI-generated SQL query strings.
Boundary markers: The instructions do not specify the use of delimiters when processing individual log entries for the report.
Capability inventory: The skill has the capability to write markdown reports to local directories (sibling folders or /tmp) and spawn subagents for reading the posthog source code repository.
Sanitization: Includes a Python-based utility _ch_literal to escape single quotes, mitigating potential SQL injection when embedding queries into shareable Metabase URL fragments.
[SAFE]: Utilizes standard Base64 encoding to format JSON payloads into Metabase URL fragments for the purpose of creating clickable report links, rather than for obfuscation.
[SAFE]: Accesses the local filesystem and sibling repositories for managing report history and conducting code-level research, which is characteristic of standard developer tooling.

generating-clickhouse-query-performance-reports