Neon Postgres Egress Optimizer

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only Postgres/Neon cost-optimization guide with disclosed database diagnostic steps and no hidden execution or data transfer behavior.

Safe to install as a guide. Before using it against production, confirm the database target and get approval before creating extensions, resetting pg_stat_statements, or changing query shapes, because those actions can affect monitoring history or API behavior.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence: 91%
Finding
The skill explicitly says it should be used for reviewing query patterns for cost efficiency even when the user does not mention egress or data transfer, which broadens activation beyond a narrowly scoped Neon/Postgres billing use case. Overly broad activation can cause the agent to invoke this skill during general code review, leading to unnecessary database-focused guidance, reduced precision, and possible exposure of code or query details in contexts where this skill is not the best fit.

VirusTotal

63/63 vendors flagged this skill as clean.
