Back to skill

Security audit

Clickhouse for Developers

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only ClickHouse guide; the main caution is to review any database-changing SQL before running it.

Install this if you want ClickHouse operational guidance. Before running generated commands, manually review SQL that changes data or schema, especially DELETE, DROP PARTITION, DROP TABLE, RENAME, ALTER, MATERIALIZE INDEX, migration scripts, and join_use_nulls=0 settings. Use least-privilege database credentials and require explicit approval before production changes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Low
Confidence
90% confidence
Finding
The guidance recommends setting `join_use_nulls = 0` for performance and simpler handling, but it does not clearly warn that this changes outer-join semantics by replacing missing matches with type default values such as `''` or `0`. In an analytics/database skill, this can cause users to misinterpret missing relationships as real values, leading to incorrect aggregations, filtering, data quality decisions, or application logic bugs with security or business impact.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.