CtrlK
BlogDocsLog inGet started
Tessl Logo

managing-database-replication

Process use when you need to work with database scalability. This skill provides replication and sharding with comprehensive guidance and automation. Trigger with phrases like "set up replication", "implement sharding", or "scale database".

66

Quality

Does it follow best practices?

Impact

No eval scenarios have been run

SecuritybySnyk

Risky

Do not use without reviewing

SKILL.md
Quality
Evals
Security

Security

2 findings — 1 high severity, 1 medium severity. You should review these findings carefully before considering using this skill.

High

W007: Insecure credential handling detected in skill instructions

What this means

The skill handles credentials insecurely by requiring the agent to include secret values verbatim in its generated output. This exposes credentials in the agent’s context and conversation history, creating a risk of data exfiltration.

Why it was flagged

Insecure credential handling detected (high risk: 0.90). The prompt includes literal plaintext replication passwords (e.g., CREATE ROLE ... PASSWORD 'secure_password' and SOURCE_PASSWORD='...') and asks for configuration files and initialization scripts, which forces the LLM to emit secret values verbatim into generated commands and configs, creating an exfiltration risk.

Report incorrect finding
Medium

W013: Attempt to modify system services in skill instructions

What this means

The skill prompts the agent to compromise the security or integrity of the user’s machine by modifying system-level services or configurations, such as obtaining elevated privileges, altering startup scripts, or changing system-wide settings.

Why it was flagged

Attempt to modify system services in skill instructions detected (high risk: 0.90). This skill directs the agent to perform privileged, state-changing operations on database servers—editing system configuration files (pg_hba.conf, my.cnf), writing into system data directories (e.g., /var/lib/postgresql/data), creating replication roles, stopping services, and managing replication slots—which can modify the machine's configuration and require elevated privileges.

Repository
jeremylongshore/claude-code-plugins-plus-skills
Audited
Security analysis
Snyk

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.