querying-local-postgres

Pass

Audited by Gen Agent Trust Hub on Jun 24, 2026

Risk Level: SAFE
Flags: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the Bash tool to execute psql for database interactions. This is the intended and primary function of the skill.
  • [EXTERNAL_DOWNLOADS]: The skill uses npx dotenv to load environment variables. This may involve fetching the dotenv-cli package from the npm registry, which is a well-known and trusted package repository.
  • [CREDENTIALS_UNSAFE]: The documentation includes a hardcoded connection string (postgres://posthog:posthog@localhost:5432/posthog). These are the default, well-documented credentials for the PostHog local development environment (typically running via Docker Compose) and do not represent a compromise of sensitive or production information.
  • [PROMPT_INJECTION]: The skill processes user-supplied input via $ARGUMENTS to generate SQL queries. This vulnerability surface is well mitigated by the mandatory use of PGOPTIONS='-c default_transaction_read_only=on', which ensures the database engine itself rejects any modification attempts, regardless of the generated SQL content.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Jun 24, 2026, 06:17 PM