Database Query Best Practices
v1.0.0Prevent connection pool exhaustion when querying Railway PostgreSQL database. Use when (1) Running database queries from local environment, (2) Diagnosing "t...
⭐ 0· 81·1 current·1 all-time
byToby Morning@urbantech
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The name and description match the SKILL.md content: all instructions relate to detecting/avoiding connection-pool exhaustion for a Railway-hosted Postgres DB (checking pg_stat_activity, using short-lived connections, using Railway CLI, killing local dev servers). Nothing requested is unrelated to that purpose.
Instruction Scope
The runtime instructions stay within scope (checking active connections, closing connections, using Railway CLI). However, they include potentially destructive operational steps (pkill -9 to kill processes, pkill -9 node, and SQL to pg_terminate_backend) and refer to running queries against production; these are high-impact actions and should be used with caution and proper permissions. The SKILL.md also shows a hard-coded DATABASE_URL example with credentials placeholder which could encourage insecure handling of secrets.
Install Mechanism
Instruction-only skill with no install spec and no shipped code — lowest risk for code being written to disk or arbitrary downloads.
Credentials
The skill requests no environment variables or credentials, which matches the registry metadata. However, the examples show embedding a DATABASE_URL with credentials in scripts; the skill does not instruct secure secret handling (e.g., use env vars or secret managers). Connecting to the DB requires credentials in practice, but those are not requested or described in a secure manner.
Persistence & Privilege
always is false and the skill is user-invocable only. There is no indication it modifies other skills or system-wide settings; it does not request persistent presence or elevated platform privileges.
Assessment
This skill appears to do what it says, but review and be careful before executing its commands: 1) Do NOT run pkill -9 or pkill -9 node unless you understand which processes will be killed — this can terminate unrelated work. 2) The pg_terminate_backend SQL will forcibly drop connections on the database and can impact production; only run it if you have proper authorization and have confirmed impact. 3) Avoid hard-coding DATABASE_URL or credentials in scripts; use environment variables or a secrets manager instead. 4) Prefer Railway CLI for ad-hoc queries as suggested, and test any termination commands on a staging copy first. 5) Ensure you have backups and required permissions before performing emergency operations. If you want, I can rewrite the examples to use environment variables, recommend safer process-stop commands, or add guardrails (confirmation prompts, dry-run checks) to reduce risk.Like a lobster shell, security has layers — review code before you run it.
latestvk978fzxbm1pbx6xnzsaz5sb0r183g1c2
License
MIT-0
Free to use, modify, and redistribute. No attribution required.