Postgres Hardened

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only PostgreSQL reference with expected admin SQL examples, not a hidden installer or data-exfiltration tool.

Install only if you want PostgreSQL guidance. Do not blindly run the configuration template in production: review current settings first, test in staging, confirm administrator privileges, understand RAM/connection tradeoffs, and keep backups or rollback plans for impactful database changes.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Missing User Warnings

Medium

Confidence: 84% confidence
Finding: The configuration template recommends privileged, system-level PostgreSQL changes such as ALTER SYSTEM and pg_reload_conf() without clear warnings about operational risk, privilege requirements, environment suitability, or rollback planning. In an agent context, this can normalize unsafe copy-paste execution and lead to outages, memory pressure, excessive connections, or degraded database stability in production.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal