Db Explorer
Review
Audited by ClawScan on May 10, 2026.
Overview
This appears to be a coherent database exploration guide, but it requires sensitive database access and includes commands that can read, export, or change data if the user approves them.
Before using this skill, be comfortable giving the agent database connection details. Prefer read-only credentials, avoid putting passwords directly in command lines or shell history, confirm every write operation, scope exports with filters or limits, and avoid broad Redis KEYS "*" commands on production systems.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the user provides privileged credentials, the agent could query, export, or, with confirmation, modify important database data.
The skill requires database credentials or connection details. This is expected for a database explorer, but those credentials may grant access to sensitive or production data.
Ask the user for:
- Database type (postgres/mysql/sqlite/mongo/redis)
- Connection string OR host/port/database/user/password
Use read-only or least-privilege credentials whenever possible, avoid production admin accounts, and do not share passwords beyond the specific database task.
A confirmed write or destructive query could permanently change or remove database records.
The skill contemplates write, delete, and drop operations against databases. It does include an explicit confirmation requirement, making this purpose-aligned but still high-impact.
Never run INSERT/UPDATE/DELETE/DROP without explicit user confirmation
Review every write query before approving it, prefer transactions and rollback previews, and keep backups or recovery plans for important databases.
The agent could read or export more data than intended, or run a Redis command that affects performance on a large or production instance.
Some example commands are broad: exporting SELECT * can copy entire tables, and Redis KEYS "*" can be expensive on large Redis instances.
psql "$CONN" -c "\copy (SELECT * FROM table_name) TO '/tmp/export.csv' WITH CSV HEADER"
...
redis-cli -h host -p 6379 -a password KEYS "*"
Add WHERE clauses and LIMITs for exports, choose safe output paths, and use Redis SCAN instead of KEYS "*" on production-sized databases.
Installing external tools changes the local environment and depends on the trustworthiness of the package source.
The skill relies on external database command-line clients installed by the user. This is normal for the purpose, and there is no automatic install script in the provided artifacts.
CLI Tool | Install (macOS) | Install (Linux) ... psql ... brew install postgresql ... apt install postgresql-client
Install database clients only from trusted package managers or official vendor documentation, and verify what will be installed.
