Neon Database Complete Documentation

Review

Audited by ClawScan on May 10, 2026.

Overview

Prompt-injection indicators were detected in the submitted artifacts (unicode-control-chars); human review is required before treating this skill as clean.

This skill is reasonable to install as a reference corpus. Treat all CLI, plugin, MCP, SQL, migration, and API-key examples as documentation only: do not let an agent run them or grant credentials without explicit review, and verify sensitive workflows against official Neon docs. ClawScan detected prompt-injection indicators (unicode-control-chars), so this skill requires review even though the model response was benign.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The agent may prefer Neon's serverless driver by default when generating database code.

Why it was flagged

This is directive code-generation guidance that can steer an agent's default implementation choice. It is purpose-aligned with Neon serverless guidance and includes exceptions, but users should know it may bias generated code.

Skill content

For **Next.js + Vercel + Neon**, ALWAYS: import { neon } from '@neondatabase/serverless';

Recommendation

Confirm the target runtime before applying the recommendation, especially for long-lived Node.js servers where the document itself lists exceptions.

What this means

If run, the command could modify the local development environment and Neon account setup.

Why it was flagged

This documented setup command can run local package code and change authentication/editor configuration if a user chooses to follow it. The skill does not show automatic execution.

Skill content

npx neonctl@latest init ... authenticates via OAuth, creates an API key, configures your editor ... and installs agent skills

Recommendation

Do not allow an agent to run setup commands automatically; review the command and approve it only when you intend to configure Neon tooling.

What this means

Providing these credentials to an agent or plugin may allow it to access or change Neon project/database resources.

Why it was flagged

The documentation describes external agents that require Neon credentials or connection details. This is expected for Neon integrations, but those credentials are sensitive.

Skill content

Both agents require: - **Neon API Key** ... - **Project ID or connection string**

Recommendation

Use least-privilege credentials where possible, keep API keys out of chat logs and repositories, and revoke keys that are no longer needed.

What this means

If configured, an external AI tool could query or mutate live database resources through the MCP integration.

Why it was flagged

The docs describe an MCP/plugin path where another AI agent can operate against live Neon APIs and databases. This is disclosed and relevant, but it creates a sensitive boundary.

Skill content

The plugin’s MCP server integration lets Claude interact with Neon’s live API endpoints ... Create or delete branches and databases ... Run SQL queries and migrations

Recommendation

Only configure MCP/plugins from trusted sources, review their permissions, and require confirmation before destructive database actions.

What this means

Users cannot fully verify from the registry metadata alone that the packaged documentation exactly matches upstream Neon docs.

Why it was flagged

The registry source is not provided, while SKILL.md claims the contents are extracted from official Neon documentation. This is a provenance gap, though the supplied artifacts show a documentation-only package.

Skill content

Source: unknown

Recommendation

For sensitive commands, credential setup, or database-mutation workflows, compare against the official Neon documentation before acting.