ClawHub

Database Replication Advisor

Security checks across malware telemetry and agentic risk

Overview

This is a coherent database operations guide, but it includes live write and failover commands that could change or disrupt a production database without strong safety gates.

Install only if you want an agent-assisted database operations runbook and will keep execution under human control. Treat the heartbeat, failover, promotion, ALTER SYSTEM, AWS RDS failover, table create/drop, and pg_rewind examples as active operational procedures: use test environments or dedicated test objects, least-privileged credentials, backups, change approval, and a maintenance window before running them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Description-Behavior Mismatch

Medium
Confidence
96% confidence
Finding
The `assess` workflow is presented as a health check, but it includes an application-level heartbeat that creates a table and performs inserts/updates on the primary database. In an agent setting, a supposedly read-only assessment that mutates production state can violate change-control expectations and may trigger side effects, especially on sensitive or tightly controlled databases.

Description-Behavior Mismatch

High
Confidence
99% confidence
Finding
The `failover-test` section claims to plan and validate a drill, but it provides commands that actively perform switchover/failover and alter database configuration. If an agent executes these during analysis or planning, it could cause real service disruption, forced role changes, or unintended outage in production.

Intent-Code Divergence

Medium
Confidence
95% confidence
Finding
There is a mismatch between the stated purpose ('plan and validate a failover drill') and the actual content, which performs the failover. This kind of semantic mismatch is dangerous for autonomous or semi-autonomous agents because users may invoke a planning skill expecting analysis only, while the skill contains live operational actions.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The lag assessment writes to the database by creating `_repl_heartbeat` and updating it, but the skill does not warn that this modifies data. In production environments, undisclosed writes can breach operational policy, create audit noise, interfere with permissions assumptions, and surprise users who requested a passive health check.

Missing User Warnings

High
Confidence
97% confidence
Finding
The failover validation step creates and drops a table on the new primary to test write capability without an explicit warning. Even if transient, this is a destructive schema-changing operation that can fail, lock metadata, trigger replication or auditing side effects, and is especially risky immediately after failover when systems may still be unstable.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal