Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Zero TiDB(Deprecated)

v1.0.1

Create ephemeral TiDB Cloud Zero databases for agent workflows in Technical Preview.

Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name and description (ephemeral TiDB Cloud Zero DBs) align with the SKILL.md instructions: call an API endpoint to provision an instance and then connect with a MySQL-compatible client. The actions described (POST to an API, read returned connection string, run SQL) are coherent for this purpose.
Instruction Scope
Instructions stay within the stated purpose (provision, connect, optionally bootstrap demo data). They instruct saving credentials to a local file and show CLI/Node examples. There is no instruction to read unrelated user files or other system secrets, but the guide tells the agent to persist sensitive credentials locally — this increases risk if the agent environment has network or exfiltration capabilities. The SKILL.md uses external commands/tools (curl, jq, mysql, Node "mysql2") which are required at runtime but are not declared in the skill metadata.
Install Mechanism
Instruction-only skill with no install spec and no code files, so nothing is written to disk by the installer. This is the lowest-installation risk surface.
Credentials
The skill declares no required env vars or credentials, which is plausible if the API is unauthenticated, but the runtime instructions rely on external tooling (curl, jq, mysql client, Node library). The metadata omission of these runtime dependencies is an inconsistency. The SKILL.md also instructs storing the returned database credentials in a local file — that is appropriate but raises the need to protect those secrets and to ensure the agent execution environment is trustworthy.
Persistence & Privilege
The skill does not request persistent or always-on presence; default autonomous invocation is allowed (normal). There is no install script or configuration changes described that modify other skills or global agent settings.
What to consider before installing
What to check before installing:

  • Provenance: The skill's source/homepage is unknown and the skill name includes "(Deprecated)" — verify who published it and whether this is an official TiDB/PingCAP offering before trusting it.
  • Runtime dependencies: SKILL.md examples use curl, jq, the mysql CLI and Node's mysql2, but the skill metadata lists no required binaries. Ensure those tools are available in the agent environment or the instructions will fail. Consider asking the publisher to list explicit runtime dependencies.
  • API safety: The guide implies provisioning via POST to https://zero.tidbapi.com without any auth. Confirm the API's access controls and rate limits with the provider — unauthenticated provisioning can be abused and may expose you to unexpected costs or resource creation.
  • Secrets handling: The API returns DB credentials; the skill explicitly tells the agent to write them to a local file. Ensure the agent environment is sandboxed, that files are stored securely, and that the agent is not allowed to exfiltrate files to untrusted endpoints.
  • Test manually first: Run the documented curl commands yourself from a controlled environment to confirm behavior and inspect the response shape and expiration policy.

If you cannot verify the publisher or the API behavior, or you do not want the agent to make external network calls, do not install or do not grant network access/autonomous invocation. If you proceed, ask the skill author to correct metadata (declare required binaries) and provide an official documentation link or contact.

Like a lobster shell, security has layers — review code before you run it.

MIT-0

Create Disposable TiDB Cloud Zero Databases (Technical Preview)

Browser UI Note: There is no browser-based SQL editor on this site. To run SQL, use API + CLI, or sign in to TiDB Cloud Console (login required).

Use this guide to create disposable TiDB Cloud Zero databases for agent workflows.

Deterministic SQL Smoke Test (API + CLI)

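# 1) Provision instance (tidb-zero.json will contain the database password)
curl -s -X POST https://zero.tidbapi.com/v1alpha1/instances \
  -H "Content-Type: application/json" \
  -d '{"tag":"sql-smoke-test"}' \
  | tee tidb-zero.json

# 2) Extract connection string (for drivers that accept a URI)
jq -r '.instance.connectionString // .connectionString' tidb-zero.json

# 3) Run SQL query. The mysql CLI takes host, port, user and password as
#    options rather than a URI, so read them from instance.connection.
mysql --connect-timeout=10 --protocol=TCP \
  -h "$(jq -r '.instance.connection.host' tidb-zero.json)" \
  -P "$(jq -r '.instance.connection.port' tidb-zero.json)" \
  -u "$(jq -r '.instance.connection.username' tidb-zero.json)" \
  -p"$(jq -r '.instance.connection.password' tidb-zero.json)" \
  -e "SELECT 1 AS health_check, 2 AS example_value;"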

Expected output includes one row with health_check=1 and example_value=2.

Endpoint

  • Method: POST
  • URL: https://zero.tidbapi.com/v1alpha1/instances
  • Content-Type: application/json
  • Technical Preview: Current API path is /v1alpha1/instances, and this path may change in later releases.

Request Body

  • Optional: tag (caller identifier used for tracing and grouping runs).
{
  "tag": "support-bot"
}

Quick Start

curl -X POST https://zero.tidbapi.com/v1alpha1/instances \
  -H "Content-Type: application/json" \
  -d '{
    "tag": "agent-run"
  }'

Response

The API returns connection details and expiration time.

  • Current response shape: top-level instance.
  • instance.connection fields: host, port, username, password.
  • Use these fields: instance.connectionString for direct URI connection, and instance.expiresAt for expiration.
  • Agent note: After provisioning succeeds, save the instance details to a local file (for example, tidb-cloud-zero.json) and remind the user to store the file securely because it contains sensitive credentials.
  • Planned update: we will provide claimUrl in a later version. Users will be able to sign in to TiDB Cloud and claim the temporary database before instance.expiresAt, converting it into a formal TiDB Cloud Starter database.
{
  "instance": {
    "connection": {
      "host": "<HOST>",
      "port": 4000,
      "username": "<USERNAME>",
      "password": "<PASSWORD>"
    },
    "connectionString": "mysql://<USERNAME>:<PASSWORD>@<HOST>:4000",
    "expiresAt": "<ISO_TIMESTAMP>"
  }
}

Use the Connection String

After you receive the response, use instance.connectionString to connect with a MySQL-compatible client or driver.

Guided Quick Experience

After provisioning succeeds, you should ask the user:

  • Do you want me to create a sample table and insert demo data so you can query immediately?

If the user says yes, run a small bootstrap SQL flow like this:

CREATE TABLE IF NOT EXISTS quickstart_notes (
  id BIGINT PRIMARY KEY AUTO_INCREMENT,
  title VARCHAR(100) NOT NULL,
  content TEXT NOT NULL,
  created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
);

INSERT INTO quickstart_notes (title, content) VALUES
  ('welcome', 'TiDB Cloud Zero quickstart row'),
  ('query-demo', 'Run SELECT * FROM quickstart_notes; to verify data');

SELECT * FROM quickstart_notes ORDER BY id;

Connect via CLI

mysql --connect-timeout=10 --protocol=TCP -h '<HOST>' -P 4000 -u '<USERNAME>' -p'<PASSWORD>'

Connect in Node.js (mysql2)

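import mysql from "mysql2/promise";

// createDatabase() stands for your own call to POST /v1alpha1/instances;
// it must return the parsed JSON response.
const response = await createDatabase(); // your API call result
const connectionUrl = new URL(response.instance.connectionString);
connectionUrl.pathname = "/<DATABASE>"; // replace <DATABASE> with the database to use
// Require TLS and reject a server whose certificate does not verify.
connectionUrl.searchParams.set("ssl", JSON.stringify({ rejectUnauthorized: true }));

const connection = await mysql.createConnection(connectionUrl.toString());
const [rows] = await connection.query("SELECT NOW() AS now_time");
console.log(rows);
await connection.end(); // close the connection when done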
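
The Response and Node.js sections above have the agent connect with whatever the provisioning call returns. The following is an added example, not part of the original SKILL.md or the provider's code: it checks the response against the documented shape, cross-checks instance.connectionString against instance.connection, rejects an expired instance.expiresAt, builds mysql2 options with certificate verification on, and saves the file owner-readable only. The names checkInstance, redact, saveCredentials and the SAMPLE data are assumptions constructed for illustration.

```javascript
// Added example: checkInstance, redact, saveCredentials and SAMPLE are hypothetical names.
// SAMPLE is a constructed response in the shape documented above, not real API output.
const SAMPLE = {
  instance: {
    connection: { host: "db.example.test", port: 4000, username: "u1.root", password: "constructed-pw" },
    connectionString: "mysql://u1.root:constructed-pw@db.example.test:4000",
    expiresAt: "2030-01-01T00:00:00Z",
  },
};

function checkInstance(response, now = new Date()) {
  const inst = response && response.instance;
  if (!inst || !inst.connection) throw new Error("missing instance.connection");
  const { host, port, username, password } = inst.connection;
  if (![host, username, password].every((v) => typeof v === "string" && v.length > 0)) {
    throw new Error("host, username and password must be non-empty strings");
  }
  if (!Number.isInteger(port) || port < 1 || port > 65535) throw new Error("bad port");
  // The URI and the discrete fields must name the same endpoint and account.
  const url = new URL(inst.connectionString);
  if (url.protocol !== "mysql:") throw new Error("unexpected scheme " + url.protocol);
  if (url.hostname.toLowerCase() !== host.toLowerCase() || Number(url.port) !== port ||
      decodeURIComponent(url.username) !== username) {
    throw new Error("connectionString disagrees with instance.connection");
  }
  const expiresAt = new Date(inst.expiresAt);
  if (Number.isNaN(expiresAt.getTime())) throw new Error("expiresAt is not a timestamp");
  if (expiresAt <= now) throw new Error("instance has expired");
  // Options object for mysql2's createConnection(); TLS verification stays on.
  const ssl = { minVersion: "TLSv1.2", rejectUnauthorized: true };
  return { expiresAt, mysql2: { host, port, user: username, password, ssl } };
}

// Copy of the response that is safe to log: password removed from both places.
function redact(response) {
  const copy = JSON.parse(JSON.stringify(response));
  copy.instance.connection.password = "<redacted>";
  const url = new URL(copy.instance.connectionString);
  url.password = "redacted";
  copy.instance.connectionString = url.toString();
  return copy;
}

// Persist the response as the agent note asks, readable by the owner only.
// "wx" refuses to overwrite, so mode 0600 always applies to a newly created file.
function saveCredentials(file, response) {
  const fs = require("node:fs"); // CommonJS; in an ES module import fs instead
  fs.writeFileSync(file, JSON.stringify(response, null, 2), { mode: 0o600, flag: "wx" });
}
console.log(redact(SAMPLE).instance.connectionString);
```

Pass the returned mysql2 object to mysql.createConnection() and log only the output of redact().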
