ClickHouse
PassAudited by ClawScan on May 1, 2026.
Overview
This is a coherent ClickHouse administration skill, with expected but sensitive database-changing commands and local memory that users should manage carefully.
This skill appears suitable for ClickHouse work. Before installing, be comfortable with an agent helping generate or run ClickHouse SQL, and require review for any command that changes schemas, inserts data, deletes data, kills queries, or changes retention. Keep credentials out of prompts and command examples, and check ~/clickhouse/memory.md if you want to control what connection and schema details are retained.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A mistaken or premature SQL command could change schemas, remove columns, trigger expensive merges, or affect production database behavior.
The skill documents schema migration and optimization commands that can modify or remove database data. This is expected for ClickHouse administration, but the impact can be significant.
ALTER TABLE events DROP COLUMN old_field; ... OPTIMIZE TABLE events FINAL;
Review and explicitly approve any INSERT, ALTER, DROP, KILL, OPTIMIZE, TTL, or migration command before letting the agent run it against a real database.
If real credentials are pasted into prompts, shell commands, URLs, or saved queries, they may be retained in logs, histories, or local memory.
The documentation includes examples using ClickHouse passwords and cloud access keys. These are normal for authenticated database and S3 access, but credentials in command lines or SQL can be exposed through history or logs.
curl 'http://localhost:8123/?user=default&password=xxx' ... s3('https://bucket.s3.amazonaws.com/data/*.parquet', 'AWS_KEY', 'AWS_SECRET', 'Parquet')Use secure credential handling where possible, avoid placing secrets directly in prompts or URLs, and prefer scoped/temporary credentials for database and S3 access.
Connection profiles, schema notes, and query patterns may persist across future sessions and influence later recommendations.
The skill intentionally stores persistent local context about the user's ClickHouse environment. This is useful for optimization help but may include sensitive infrastructure and schema details.
Save to ~/clickhouse/memory.md: - Host, port, database - Auth method (if any) - Whether it's a cluster
Do not store passwords or secrets in ~/clickhouse/memory.md, review the file periodically, and delete it if you do not want the agent to retain ClickHouse context.