Db Explorer
ReviewAudited by ClawScan on May 15, 2026.
Overview
Db Explorer is a coherent instruction-only database helper with read-only and confirmation safeguards, but it needs database credentials and can access or export sensitive data.
Install only if you are comfortable giving the agent database connection details and supervising its queries. Prefer read-only or temporary credentials, avoid production admin accounts, review commands before execution, and be careful with exports because they may write sensitive data to local files.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If a user approves the wrong command or uses an over-privileged database account, database contents could be changed or exported.
The skill can guide the agent to run database commands, including potentially mutating operations, but it instructs the agent to require explicit confirmation before writes.
Never run INSERT/UPDATE/DELETE/DROP without explicit user confirmation
Use read-only database accounts by default, review every command before execution, and only approve writes when the exact effect is understood.
The agent may receive credentials that can read, export, or potentially modify sensitive database data.
Database credentials are expected for this skill, but they grant whatever privileges the supplied database account has.
Ask the user for: ... Connection string OR host/port/database/user/password
Provide scoped, least-privilege credentials, avoid admin accounts for exploration, and rotate credentials if they are pasted into chat or command logs.
Installing command-line database clients changes the local environment and relies on the user’s package sources.
The skill documents installing external database CLI clients. These are standard tools for the stated purpose and are not automatically installed by the skill.
brew install postgresql ... apt install postgresql-client ... brew install mysql ... apt install mysql-client
Install database clients only from trusted package managers or vendor sources and keep them updated.