Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Zero TiDB (Deprecated)

v1.0.1

Create ephemeral TiDB Cloud Zero databases for agent workflows in Technical Preview.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name and description (ephemeral TiDB Cloud Zero DBs) align with the SKILL.md instructions: call an API endpoint to provision an instance and then connect with a MySQL-compatible client. The actions described (POST to an API, read returned connection string, run SQL) are coherent for this purpose.
Instruction Scope
Instructions stay within the stated purpose (provision, connect, optionally bootstrap demo data). They instruct saving credentials to a local file and show CLI/Node examples. There is no instruction to read unrelated user files or other system secrets, but the guide tells the agent to persist sensitive credentials locally — this increases risk if the agent environment has network or exfiltration capabilities. The SKILL.md uses external commands/tools (curl, jq, mysql, Node "mysql2") which are required at runtime but are not declared in the skill metadata.
Install Mechanism
Instruction-only skill with no install spec and no code files, so nothing is written to disk by the installer. This is the lowest-installation risk surface.
Credentials
The skill declares no required env vars or credentials, which is plausible if the API is unauthenticated, but the runtime instructions rely on external tooling (curl, jq, mysql client, Node library). The metadata omission of these runtime dependencies is an inconsistency. The SKILL.md also instructs storing the returned database credentials in a local file — that is appropriate but raises the need to protect those secrets and to ensure the agent execution environment is trustworthy.
Persistence & Privilege
The skill does not request persistent or always-on presence; default autonomous invocation is allowed (normal). There is no install script or configuration changes described that modify other skills or global agent settings.
What to consider before installing
What to check before installing:

- Provenance: The skill's source/homepage is unknown and the skill name includes "(Deprecated)". Verify who published it and whether this is an official TiDB/PingCAP offering before trusting it.
- Runtime dependencies: SKILL.md examples use curl, jq, the mysql CLI and Node's mysql2, but the skill metadata lists no required binaries. Ensure those tools are available in the agent environment or the instructions will fail. Consider asking the publisher to list explicit runtime dependencies.
- API safety: The guide implies provisioning via POST to https://zero.tidbapi.com without any auth. Confirm the API's access controls and rate limits with the provider; unauthenticated provisioning can be abused and may expose you to unexpected costs or resource creation.
- Secrets handling: The API returns DB credentials, and the skill explicitly tells the agent to write them to a local file. Ensure the agent environment is sandboxed, that files are stored securely, and that the agent is not allowed to exfiltrate files to untrusted endpoints.
- Test manually first: Run the documented curl commands yourself from a controlled environment to confirm behavior and inspect the response shape and expiration policy.

If you cannot verify the publisher or the API behavior, or you do not want the agent to make external network calls, do not install it, or do not grant network access/autonomous invocation. If you proceed, ask the skill author to correct the metadata (declare required binaries) and provide an official documentation link or contact.


latest · vk97adqdj3stwcgen0qb78ftb8h8206a9

