Back to skill

Security audit

Database Optimization

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed database-optimization reference skill with no executable code, hidden behavior, or data export behavior found.

Install this if you want Chinese-language database optimization guidance. Review suggested SQL against your own schema and run changes like CREATE INDEX, SET GLOBAL, or CREATE EXTENSION only in controlled environments with backups or approval.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
93% confidence
Finding
The skill explicitly instructs activation on very broad, common phrases such as '查询很慢', '加个索引', and '数据库卡了', plus 'immediately use this skill'. That can cause over-triggering in loosely related conversations, reducing user control and increasing the chance the agent applies specialized database guidance when the request lacks sufficient context or the user intended a different tool or language.

Natural-Language Policy Violations

Medium
Confidence
84% confidence
Finding
The description is written to operate in Chinese without offering a language-selection mechanism or clarifying that responses should follow the user's language. This can cause mismatched-language responses, misunderstanding of operational steps, and unsafe execution of database changes if users misread recommendations.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.