MySQL Slow Query Analyzer

Security checks across malware telemetry and agentic risk

Overview

This is a local MySQL query-analysis skill with no evidence of hidden data access, network upload, persistence, or destructive behavior.

Before installing, treat pasted production slow logs, schemas, and SQL literals as potentially sensitive and redact customer data, hostnames, and business identifiers where practical. The optimization output is heuristic advice, so review any index or rewrite suggestion before applying it to a real database.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 91% confidence
Finding: The trigger phrases include generic database terms such as "slow query" and "mysql explain", which are likely to appear in ordinary conversation and can cause the skill to activate outside its intended scope. Over-broad activation increases the chance the skill intercepts unrelated user requests, leading to confused routing, unintended disclosure of pasted SQL/log content to the wrong skill context, or prompt-scope interference with other tools.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal