ClawHub

pgvector

v1.0.0

PostgreSQL vector database skill with pgvector extension. Enables vector similarity search, embeddings storage, RAG (Retrieval-Augmented Generation) pipeline...

0· 307·1 current·1 all-time
by@damiencronw
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (PostgreSQL + pgvector helper for embeddings, similarity search, and RAG) matches the SKILL.md content: SQL for creating vector tables, indexes, queries, and a Python insertion example. There are no extraneous dependencies or unrelated capabilities requested.
Instruction Scope
Instructions stay on-topic (connecting to Postgres, creating tables/indexes, inserting/searching embeddings). They do not instruct reading arbitrary system files or exfiltrating data to external endpoints. However, the SKILL.md contains DDL/DML (CREATE/INSERT/UPDATE/DELETE) which — if the agent executes them against a live DB — will change data. The doc also uses explicit connection defaults (localhost:5433, user 'damien', empty password) which are operational details that could be misused if applied without care.
Install Mechanism
Instruction-only skill with no install spec and no code files; nothing is downloaded or written to disk by the skill itself.
Credentials
The skill does not declare or require environment variables or credentials (good minimal surface). It does show example PG environment variables (PGHOST, PGPORT, PGUSER, PGPASSWORD) and a default empty password in examples — these are examples only, but users should not assume the skill needs or will get secrets automatically. Recommend using a least-privilege DB user and non-empty password in real deployments.
Persistence & Privilege
always:false (normal) and the skill does not request persistent system-level privileges or attempt to modify other skill/system configs. Autonomous invocation is allowed by platform default — this is expected and not by itself a problem.
Assessment
This skill appears to be a straightforward pgvector/Postgres cheat-sheet and is consistent with its description. Before installing or invoking it: (1) ensure you only connect the agent to a test or controlled Postgres instance first — the SQL examples include CREATE/INSERT/UPDATE/DELETE which can modify data; (2) do not use the example 'empty' password in production and prefer a least-privilege DB user; (3) ensure the pgvector extension is installed on the target DB and that the agent has only the permissions it needs (read-only if you only want retrieval); (4) note the skill is instruction-only from an unknown/anonymous source (no homepage) — if you need guarantees about correctness or safety, review the SQL commands yourself or run them in a sandbox before letting an agent execute them automatically.

Like a lobster shell, security has layers — review code before you run it.

latestvk97c0xwm7dy7e7ffd55w65znt182he7e

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🔢 Clawdis

Comments