Skill v1.0.0
ClawScan security
Database Schema Differ · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 9, 2026, 7:39 PM
- Verdict
- suspicious
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's documentation and metadata claim live database connectivity (SQLAlchemy/Alembic support) and broad functionality, but the bundled code only parses local SQL files and explicitly refuses database connections. The mismatch is unexpected: an operator may hand production credentials to a tool that cannot use them, or trust migration output that was never derived from a live schema.
- Guidance
- The skill's README and SKILL.md promise live database comparisons via SQLAlchemy/Alembic, but the bundled script only parses local .sql files and answers any other source with "Database connections not implemented." The mismatch may be an unfinished or abandoned feature, or simply misleading documentation. Before using the skill: 1) Do not run it against production databases expecting a safe migration; it cannot read a live schema. 2) Inspect and test scripts/main.py on non-sensitive local SQL files to confirm what it actually does. 3) Do not put connection strings containing passwords on the command line; the examples show inline credentials, which other local users can read from the process list and which end up in shell history. Supply them through an environment variable or a config file with restrictive permissions instead. 4) If you need live DB support, ask the author to confirm it or to publish a version that actually imports and uses SQLAlchemy/Alembic. 5) Run the tool in an isolated environment (container) and review any generated migration SQL carefully before applying it.
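As an added illustration of point 3 (not code from the skill or from ClawHub): a small Python helper that resolves the connection string from an environment variable first, accepts a command-line value only with a warning, and redacts the password before anything is logged. The environment variable name SCHEMA_DIFF_DSN and the --source flag are assumptions; the skill defines neither.

```python
"""Keep database credentials off the command line.

Added example, not part of the Database Schema Differ skill. It assumes a
libpq/SQLAlchemy-style URL such as postgresql://user:pass@host:5432/db and a
hypothetical environment variable name SCHEMA_DIFF_DSN.
"""
from __future__ import annotations

import os
from urllib.parse import urlsplit, urlunsplit

ENV_VAR = "SCHEMA_DIFF_DSN"  # hypothetical name; the skill declares no env vars


def redact_dsn(dsn: str) -> str:
    """Return the DSN with the password replaced by '***' so it is safe to log."""
    parts = urlsplit(dsn)
    if parts.password is None:
        return dsn  # nothing secret in the URL; return it unchanged
    host = parts.hostname or ""
    if ":" in host:  # hostname strips the brackets from an IPv6 literal; restore them
        host = f"[{host}]"
    netloc = f"{parts.username}:***@{host}"
    if parts.port is not None:
        netloc += f":{parts.port}"
    return urlunsplit((parts.scheme, netloc, parts.path, parts.query, parts.fragment))


def load_dsn(argv: list[str], environ: dict | None = None) -> tuple[str, str | None]:
    """Resolve the connection string; returns (dsn, warning).

    The environment variable wins. A DSN given as `--source <url>` is still
    accepted, but flagged: every process argument is readable by other local
    users through ps / /proc and is recorded in shell history.
    """
    environ = os.environ if environ is None else environ
    if ENV_VAR in environ:
        return environ[ENV_VAR], None
    for i, arg in enumerate(argv):
        if arg == "--source" and i + 1 < len(argv):
            dsn = argv[i + 1]
            warning = f"credential passed on the command line: {redact_dsn(dsn)}"
            return dsn, warning
    raise SystemExit(f"no DSN: set {ENV_VAR} or pass --source <url>")


if __name__ == "__main__":
    import sys

    resolved, warn = load_dsn(sys.argv[1:])
    if warn:
        print("warning:", warn, file=sys.stderr)
    print("using", redact_dsn(resolved))
```

If SQLAlchemy really is installed, sqlalchemy.engine.URL.render_as_string(hide_password=True) performs the same redaction; the version above deliberately avoids depending on a package the skill does not actually import. As with any URL-style DSN, a password containing characters such as @ or / must be percent-encoded.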
Review Dimensions
- Purpose & Capability
- concern: The name and description promise comparison of live databases, migration generation, and support for multiple DB backends via SQLAlchemy/Alembic, and SKILL.md and the README repeat the claim. The shipped implementation (scripts/main.py), however, only parses local .sql files and returns an explicit error for connection strings ("Database connections not implemented in this version"). The metadata lists SQLAlchemy and Alembic as Python requirements, but the code neither imports nor uses them. The claimed capabilities and the actual code are therefore inconsistent.
- Instruction Scope
- note: Runtime instructions and examples show full DB connection strings (including user:pass@host) being passed on the CLI. That is expected for a DB tool, but the code treats any non-.sql source as unimplemented and prints an error, so the examples mislead operators into believing live DB comparisons work. Passing credentials on the command line also exposes them to anyone who can inspect the local process list, and SKILL.md does not warn about that.
- Install Mechanism
- ok: There is no install spec (instruction-only skill) and no downloads, which minimizes install-time risk. The README suggests installing Python packages (sqlalchemy, alembic, DB drivers) via pip, but nothing is fetched or executed automatically by the skill itself.
- Credentials
- note: The skill declares no required environment variables or credentials, which is proportionate for a tool that operates on local SQL files. However, SKILL.md and the README encourage supplying DB connection strings, credentials included, on the CLI, which can expose secrets. The metadata also lists third-party Python packages as requirements even though the bundled code does not use them, which raises the question of why they are declared.
- Persistence & Privilege
- ok: The skill does not request persistent privileges, does not set always:true, and has no install actions that modify the system or other skills. It runs as a CLI script and reads only the files explicitly passed to it.
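A practitioner-side check for the requirements-versus-imports mismatch raised under Purpose & Capability and Credentials, added here as an example (it is not part of the skill or of ClawHub's scanner): it parses the script with ast, so nothing is executed, collects the top-level modules the code imports, and reports every declared requirement that never appears. SAMPLE_SCRIPT is a constructed stand-in for scripts/main.py with the behaviour the report describes, and the declared list mirrors the metadata the report mentions (psycopg2-binary is added only to show the distribution-name-to-module mapping); pass a real path as the first argument to audit the actual file.

```python
"""Cross-check a skill's declared Python requirements against what its code imports.

Added example, not from ClawHub or the Database Schema Differ skill.
"""
from __future__ import annotations

import ast
import sys

# Constructed stand-in for the skill's scripts/main.py (not the real file):
# parses local .sql files and rejects anything else, as the report describes.
SAMPLE_SCRIPT = '''
import argparse
import re
from pathlib import Path

def load_schema(source):
    if source.endswith(".sql"):
        return Path(source).read_text()
    raise SystemExit("Database connections not implemented in this version")
'''

# Mirrors the metadata the report mentions; psycopg2-binary is illustrative.
DECLARED_REQUIREMENTS = ["sqlalchemy", "alembic", "psycopg2-binary"]

# pip distribution name -> importable top-level module, for the common mismatches.
DIST_TO_MODULE = {"psycopg2-binary": "psycopg2", "pyyaml": "yaml", "pillow": "PIL"}


def imported_top_level_modules(source: str) -> set[str]:
    """Top-level names of every module the source imports, found statically.

    Using ast means the script under review is never executed, which matters
    when auditing code you do not yet trust. Dynamic imports via
    importlib.import_module or __import__ are picked up only when their
    argument is a string literal.
    """
    names: set[str] = set()
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.Import):
            for alias in node.names:
                names.add(alias.name.split(".")[0])
        elif isinstance(node, ast.ImportFrom) and node.module and node.level == 0:
            names.add(node.module.split(".")[0])  # relative imports are local, skip them
        elif isinstance(node, ast.Call):
            func = node.func
            dynamic = (isinstance(func, ast.Name) and func.id == "__import__") or (
                isinstance(func, ast.Attribute) and func.attr == "import_module"
            )
            if (
                dynamic
                and node.args
                and isinstance(node.args[0], ast.Constant)
                and isinstance(node.args[0].value, str)
            ):
                names.add(node.args[0].value.split(".")[0])
    return names


def declared_but_unused(source: str, declared: list[str]) -> list[str]:
    """Requirements listed in metadata that the code never imports, in declared order."""
    used = imported_top_level_modules(source)
    unused = []
    for dist in declared:
        module = DIST_TO_MODULE.get(dist.lower(), dist.lower().replace("-", "_"))
        if module not in used:
            unused.append(dist)
    return unused


if __name__ == "__main__":
    # Audit a real file if a path is given, otherwise the constructed sample.
    src = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_SCRIPT
    gap = declared_but_unused(src, DECLARED_REQUIREMENTS)
    if gap:
        print("declared but never imported:", ", ".join(gap))
        sys.exit(1)
    print("all declared requirements are imported")
```

A non-empty result is exactly the incoherence the scanner flagged: either the feature was never finished, or the metadata is padding. It is not proof of malice, but it is reason to read the script before trusting the README.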
