seekdb
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If followed, this could execute whatever that remote script serves with administrator privileges on the user's machine.
The deployment instructions pipe a remote installer directly into a root shell, with no pinned version, signature, or checksum shown.
`curl -fsSL https://obportal.s3.ap-southeast-1.amazonaws.com/download-center/opensource/seekdb/seekdb_install.sh \| sudo bash`
Avoid curl-to-sudo installs where possible; use a verified package source, pin versions, inspect the installer, and require explicit user approval before any privileged install.
The agent could connect to a real or unintended database using existing local configuration, potentially with broad privileges.
The skill encourages direct command execution using automatically discovered database configuration and shows a full-privilege root account with no password.
`seekdb-cli auto-discovers the connection (env var, .env, ~/.seekdb/config.env, or default ~/.seekdb/seekdb.db)` ... `default port 2881, user root, empty password`
Use an explicit DSN for the intended database, prefer a least-privileged account, set a password, and confirm before running commands that can change data.
Normal use may read or modify database data and handle provider access keys.
The skill exposes database CLI operations, including SQL execution, adding documents, and registering model endpoints; these are aligned with the stated purpose but are high-impact actions.
`seekdb sql "SELECT ... LIMIT N" → execute SQL` ... `seekdb add <collection> --data '...'` ... `seekdb ai model endpoint create <ep> <model> --url <url> --access-key <key>`
Keep SQL read-only unless the user explicitly asks for changes, confirm write operations, and avoid pasting secrets into shared logs or transcripts.