ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Neon Postgres

v1.0.0

Guides and best practices for working with Neon Serverless Postgres. Covers getting started, local development with Neon, choosing a connection method, Neon...

0· 415·1 current·1 all-time
byAndre Landgraf@andrelandgraf
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (Neon Postgres guidance) matches the SKILL.md content: references to Neon docs, CLI usage, SDKs, and patterns. There are no unrelated environment variables, binaries, or config paths declared.
Instruction Scope
SKILL.md instructs the agent to prefer fetching official Neon docs (via direct .md URLs or curl Accept: text/markdown) and to use specific doc pages. It does not instruct reading local files, scanning system config, or accessing unrelated services. Note: it does expect the agent to make outbound HTTP requests to neon.com when invoked.
Install Mechanism
No install spec and no code files — instruction-only skills are lowest-risk from an installation perspective.
Credentials
The skill declares no required environment variables, credentials, or config paths. The SKILL.md does reference Neon connection methods and CLI commands (which in practice require credentials), but the skill itself does not request or store secrets.
Persistence & Privilege
always is false and the skill is user-invocable; it does not request permanent presence or modify other skills or system-wide settings.
Assessment
This skill is a documentation/help helper and appears coherent. Before using it, be aware it will fetch pages from neon.com (network access). Do not paste your Neon connection strings, API keys, or other secrets into conversations unless you trust the skill and understand where those secrets will be sent/stored. If you plan to run commands the skill suggests (neonctl, npx, or SDK usage), run them locally in a safe environment and only provide credentials to official Neon tooling or well-reviewed code. If you want an extra safety check, review any fetched doc URLs yourself in a browser rather than letting the agent retrieve them automatically.

Like a lobster shell, security has layers — review code before you run it.

latestvk97brkmryw544a94x37any43v581yfb7

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

Neon Serverless Postgres

Neon is a serverless Postgres platform that separates compute and storage to offer autoscaling, branching, instant restore, and scale-to-zero. It's fully compatible with Postgres and works with any language, framework, or ORM that supports Postgres.

Neon Documentation

The Neon documentation is the source of truth for all Neon-related information. Always verify claims against the official docs before responding. Neon features and APIs evolve, so prefer fetching current docs over relying on training data.

Fetching Docs as Markdown

Any Neon doc page can be fetched as markdown in two ways:

  1. Append .md to the URL (simplest): https://neon.com/docs/introduction/branching.md
  2. Request text/markdown on the standard URL: curl -H "Accept: text/markdown" https://neon.com/docs/introduction/branching

Both return the same markdown content. Use whichever method your tools support.

Finding the Right Page

The docs index lists every available page with its URL and a short description:

https://neon.com/docs/llms.txt

Common doc URLs are organized in the topic links below. If you need a page not listed here, search the docs index: https://neon.com/docs/llms.txt — don't guess URLs.

What Is Neon

Use this for architecture explanations and terminology (organizations, projects, branches, endpoints) before giving implementation advice.

Link: https://neon.com/docs/ai/skills/neon-postgres/references/what-is-neon.md

Getting Started

Use this for first-time setup: org/project selection, connection strings, driver installation, optional auth, and initial schema setup.

Link: https://neon.com/docs/ai/skills/neon-postgres/references/getting-started.md

Connection Methods & Drivers

Use this when you need to pick the correct transport and driver based on runtime constraints (TCP, HTTP, WebSocket, edge, serverless, long-running).

Link: https://neon.com/docs/ai/skills/neon-postgres/references/connection-methods.md

Serverless Driver

Use this for @neondatabase/serverless patterns, including HTTP queries, WebSocket transactions, and runtime-specific optimizations.

Link: https://neon.com/docs/ai/skills/neon-postgres/references/neon-serverless.md

Neon JS SDK

Use this for combined Neon Auth + Data API workflows with PostgREST-style querying and typed client setup.

Link: https://neon.com/docs/ai/skills/neon-postgres/references/neon-js.md

Developer Tools

Use this for local development enablement with npx neonctl@latest init, VSCode extension setup, and Neon MCP server configuration.

Link: https://neon.com/docs/ai/skills/neon-postgres/references/devtools.md

Neon CLI

Use this for terminal-first workflows, scripts, and CI/CD automation with neonctl.

Link: https://neon.com/docs/ai/skills/neon-postgres/references/neon-cli.md

Neon Admin API

The Neon Admin API can be used to manage Neon resources programmatically. It is used behind the scenes by the Neon CLI and MCP server, but can also be used directly for more complex automation workflows or when embedding Neon in other applications.

Neon REST API

Use this for direct HTTP automation, endpoint-level control, API key auth, rate-limit handling, and operation polling.

Link: https://neon.com/docs/ai/skills/neon-postgres/references/neon-rest-api.md

Neon TypeScript SDK

Use this when implementing typed programmatic control of Neon resources in TypeScript via @neondatabase/api-client.

Link: https://neon.com/docs/ai/skills/neon-postgres/references/neon-typescript-sdk.md

Neon Python SDK

Use this when implementing programmatic Neon management in Python with the neon-api package.

Link: https://neon.com/docs/ai/skills/neon-postgres/references/neon-python-sdk.md

Neon Auth

Use this for managed user authentication setup, UI components, auth methods, and Neon Auth integration pitfalls in Next.js and React apps.

Link: https://neon.com/docs/ai/skills/neon-postgres/references/neon-auth.md

Neon Auth is also embedded in the Neon JS SDK - so depending on your use case, you may want to use the Neon JS SDK instead of Neon Auth. See https://neon.com/docs/ai/skills/neon-postgres/references/connection-methods.md for more details.

Branching

Use this when the user is planning isolated environments, schema migration testing, preview deployments, or branch lifecycle automation.

Key points:

  • Branches are instant, copy-on-write clones (no full data copy).
  • Each branch has its own compute endpoint.
  • Use the neonctl CLI or MCP server to create, inspect, and compare branches.

Link: https://neon.com/docs/ai/skills/neon-postgres/references/branching.md

Autoscaling

Use this when the user needs compute to scale automatically with workload and wants guidance on CU sizing and runtime behavior.

Link: https://neon.com/docs/introduction/autoscaling.md

Scale to Zero

Use this when optimizing idle costs and discussing suspend/resume behavior, including cold-start trade-offs.

Key points:

  • Idle computes suspend automatically (default 5 minutes, configurable) (unless disabled - launch & scale plan only)
  • First query after suspend typically has a cold-start penalty (around hundreds of ms)
  • Storage remains active while compute is suspended.

Link: https://neon.com/docs/introduction/scale-to-zero.md

Instant Restore

Use this when the user needs point-in-time recovery or wants to restore data state without traditional backup restore workflows.

Key points:

  • Restore windows depend on plan limits.
  • Users can create branches from historical points-in-time.
  • Time Travel queries can be used for historical inspection workflows.

Link: https://neon.com/docs/introduction/branch-restore.md

Read Replicas

Use this for read-heavy workloads where the user needs dedicated read-only compute without duplicating storage.

Key points:

  • Replicas are read-only compute endpoints sharing the same storage.
  • Creation is fast and scaling is independent from primary compute.
  • Typical use cases: analytics, reporting, and read-heavy APIs.

Link: https://neon.com/docs/introduction/read-replicas.md

Connection Pooling

Use this when the user is in serverless or high-concurrency environments and needs safe, scalable Postgres connection management.

Key points:

  • Neon pooling uses PgBouncer.
  • Add -pooler to endpoint hostnames to use pooled connections.
  • Pooling is especially important in serverless runtimes with bursty concurrency.

Link: https://neon.com/docs/connect/connection-pooling.md

IP Allow Lists

Use this when the user needs to restrict database access by trusted networks, IPs, or CIDR ranges.

Link: https://neon.com/docs/introduction/ip-allow.md

Logical Replication

Use this when integrating CDC pipelines, external Postgres sync, or replication-based data movement.

Key points:

  • Neon supports native logical replication workflows.
  • Useful for replicating to/from external Postgres systems.

Link: https://neon.com/docs/guides/logical-replication-guide.md

Files

1 total
Select a file
Select a file to preview.

Comments

Loading comments…