Db Explorer
ReviewAudited by ClawScan on May 14, 2026.
Overview
This is a coherent database helper, but it handles database credentials and powerful query/export commands, so use least-privilege access and review commands before execution.
Before installing, be comfortable with an agent running database client commands against databases you specify. Use read-only or least-privileged credentials, avoid inline passwords, review SQL before execution, confirm any write explicitly, and clean up exported files that may contain sensitive data.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A mistaken or overbroad database command could reveal too much data, export sensitive records, or modify data if the user approves a write.
The skill intentionally exposes raw database CLI workflows for querying and exporting data. This is powerful, but it matches the stated database-exploration purpose and is paired with read-only-by-default and confirmation guidance.
"Connect to databases, run queries, explore schemas, and export data — all from the terminal."
Use read-only credentials where possible, review the exact SQL or command before execution, limit result sizes, and require explicit approval for any write or full-table export.
If high-privilege or production credentials are provided, the agent may be able to read, export, or change sensitive database contents.
The skill expects user-provided database credentials or connection strings. Credential use is necessary for the purpose, but database credentials can grant broad access depending on the account used.
Ask the user for: "Connection string OR host/port/database/user/password"
Prefer temporary, read-only, least-privileged database users; avoid sharing admin credentials; and avoid pasting passwords directly into chat or command-line arguments when an environment variable or secure prompt can be used.
The user may need to install extra database client tools manually, and those tools should come from trusted package sources.
The skill documents use and installation of external database client CLIs, while the registry declares no required binaries and there is no install spec. The installs are user-directed and purpose-aligned, not automatic.
| PostgreSQL | psql | brew install postgresql | apt install postgresql-client |
Install database clients only from trusted package managers or official vendor instructions, and treat the registry metadata as incomplete for setup requirements.