Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
sql-reports
v1.0.0Connects to SQL Server to retrieve and generate monthly, quarterly, and yearly delivery order reports with performance comparisons and growth metrics.
⭐ 0· 120·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidencePurpose & Capability
The skill's stated purpose (generate monthly/quarterly/yearly delivery reports) matches the presence of SQL query code, but there are inconsistencies: SKILL.md names the Database as 'DeliveryDB' while query.py uses 'PDFExtraction'; SKILL.md documents queries like 'monthly_comparison' and 'quarterly_report' that are not implemented in query.py. The core capability (querying SQL Server) is coherent but the documentation and implementation disagree.
Instruction Scope
SKILL.md tells the agent to connect to LTEDP056\SQLEXPRESS and install ODBC/pyodbc, which is appropriate for a SQL-reporting skill. However, SKILL.md does not mention credentials, while query.py contains a hard-coded connection string (server, DB, UID, PWD) and will print full query results to stdout. The instructions do not declare or constrain use of these embedded credentials or the sensitivity of the returned data.
Install Mechanism
No install specification is provided; this is an instruction+code skill that relies on Python and pyodbc. That is a low install risk (nothing is downloaded/installed by the skill itself).
Credentials
The code contains plaintext DB credentials (UID=ptcl-bot; PWD=ptcl-bot123) and a hard-coded server name, yet the skill declares no required environment variables or primary credential. Requesting/including credentials in the code (instead of using declared/env-provided secrets) is disproportionate and insecure. The skill also requires network access to an internal host, which is not explicitly represented in metadata.
Persistence & Privilege
The skill is not always-enabled and does not request persistent system-wide privileges or modify other skills. Execution simply runs query.py and yields outputs; autonomous invocation is allowed by platform default but is not combined here with elevated privileges.
What to consider before installing
Do not run this skill against your environment without review. Specific concerns: (1) query.py contains plaintext DB credentials and a hard-coded server — treat these as sensitive and potentially invalid or stale; (2) SKILL.md and the code disagree on the database name and available queries, so functionality may be incomplete or incorrect; (3) running the script will print database rows (possibly sensitive PII/product data) to stdout. Before installing: ask the publisher for the correct architecture and for removal of embedded credentials; require credentials be provided via secure environment variables or a secrets store and documented in the skill metadata; validate the queries and least-privilege DB account; run any untrusted code in an isolated environment and audit network destinations. If these fixes are not made, consider the skill unsafe to use.Like a lobster shell, security has layers — review code before you run it.
latestvk9779960tpe1ay1p8t4d1apbf58360w0
License
MIT-0
Free to use, modify, and redistribute. No attribution required.