数据库诊断与优化

Security checks across malware telemetry and agentic risk

Overview

This is a database diagnostics helper whose access is aligned with its purpose, but users should handle its diagnostic output as sensitive.

Install only if you trust and already intend to use the dbskiter CLI for database troubleshooting. Confirm the target database before broad diagnostics, use a read-only or least-privileged account, and redact SQL literals, personal data, schema names, usernames, and lock/session details before sharing outputs.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The skill encourages diagnostic commands that can surface raw SQL text, query literals, schema details, lock/session state, and performance metadata, but it does not warn users that these outputs may contain sensitive information. In an AI-mediated workflow, such outputs may be echoed, logged, summarized, or shared more broadly than intended, increasing the risk of credential, PII, or internal topology exposure.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal