ClawHub

neo4j-cypher-query-analyze

v1.0.0

智能图数据库查询助手 - 自动感知 Schema 结构,根据自然语言生成精准的 Cypher 查询

1· 233·0 current·0 all-time
by@jeffrao
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name, description and declared requirements align: it is a Neo4j/graph-query assistant that needs DB URI, user, password and database and uses curl to call the Neo4j HTTP API. Optional GRAPHDB_TYPE is reasonable for multi-engine support though the instructions are Neo4j-specific.
Instruction Scope
Instructions stay within the stated purpose (schema discovery, query generation, safety checks, execution via curl). One area to note: schema detection includes sampling actual nodes (MATCH (n:Label) RETURN n LIMIT 1) and caching sample properties in memory; those samples can contain real data. The SKILL.md includes masking of sensitive property names, but sampling may still capture non-declared sensitive values. All external network calls are to the target DB using the provided credentials; no unexpected external endpoints are referenced.
Install Mechanism
Instruction-only skill with no install spec or downloaded code. This minimizes filesystem/write risk; required binary is only curl which is appropriate for the described HTTP API usage.
Credentials
Required env vars (GRAPHDB_URI, GRAPHDB_USER, GRAPHDB_PASSWORD, GRAPHDB_DATABASE) are exactly what a DB-integrating skill needs. No unrelated credentials or broad system secrets are requested.
Persistence & Privilege
always:false and the skill caches schema in the agent 'memory' tool only. It does not request permanent system-level presence or modify other skills' configs. Autonomous invocation is allowed (platform default) but not excessive by itself.
Assessment
This skill appears coherent for generating and running Neo4j Cypher queries, but take these precautions before installing: - Only provide a least-privilege DB account (read-only) unless you explicitly need write operations; verify config security.allow_write_operations is false. - Confirm GRAPHDB_URI uses TLS/secure endpoint and the agent's network access is restricted to the DB host (avoid exposing credentials to wide networks). - Be aware schema sampling (MATCH ... RETURN n LIMIT 1) will read real node data and the skill caches sample properties in memory; if your graph contains sensitive data, test on a non-production snapshot or increase the sensitive_properties list in config.yaml. - Require explicit confirmations for any write operations and review audit logs when the skill runs queries. - If you do not want the agent to call this skill autonomously, disable autonomous invocation or restrict when it is invoked. - Rotate credentials after testing and avoid supplying admin-level credentials to third-party or unknown skills.

Like a lobster shell, security has layers — review code before you run it.

latestvk971h3p8n57b4w77nmdfyp53ch82nxbr

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🧠 Clawdis
Binscurl
EnvGRAPHDB_URI, GRAPHDB_USER, GRAPHDB_PASSWORD, GRAPHDB_DATABASE

Comments