Skill v1.0.0
ClawScan security
Database health monitoring · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious (Apr 28, 2026, 8:06 AM)
- Verdict: suspicious
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's description and commands match a DB-monitoring purpose, but the runtime instructions assume a CLI and access to databases/monitoring systems while declaring no required binaries, install steps, or credentials — a clear mismatch that needs clarification before use.
- Guidance: Do not install or enable this skill until the publisher clarifies where the 'dbskiter' binary comes from, how it will be installed, and exactly what credentials or API tokens it requires. Questions to ask the author: 1) Provide the install URL or package (official release or package name) for 'dbskiter' and a checksum/signature. 2) List all required environment variables, config files, or credentials (DB user/passwords, Prometheus/Zabbix API tokens) and explain how the agent will obtain them. 3) Explain which network endpoints the tool contacts and whether any data is sent to external servers not under your control. If you must proceed, run the skill only in a sandboxed or monitored environment and provide the least-privileged credentials possible. If the author supplies an install spec and explicit credential requirements that align with the described purpose (and the install source is a trusted project/release), that would reduce the concern.
Review Dimensions
- Purpose & Capability (concern): The SKILL.md clearly intends to invoke a local CLI tool named 'dbskiter' and to access data sources (direct DB connections, Prometheus, Zabbix). However, the skill metadata lists no required binaries, no install spec, and no homepage/source. Requiring access to Oracle/Zabbix/Prometheus/direct DBs is coherent with a DB monitoring purpose, but the skill does not declare or request the credentials, binaries, or network access that would actually be needed.
- Instruction Scope (concern): Instructions direct the agent to run many 'dbskiter' CLI commands (health, anomalies, collect, history, capacity-advanced, trend, compare). They implicitly require network/database credentials and reachable monitoring endpoints. The SKILL.md does not explain how to obtain or supply those credentials, nor does it limit where data is sent. The instructions assume existing system-level tooling and access without declaring or constraining them.
- Install Mechanism (note): There is no install spec (instruction-only). That reduces surface risk from arbitrary code downloads, but it increases dependency-on-host risk: the CLI 'dbskiter' must already exist on the host. The skill fails to declare that dependency in the registry metadata (required binaries list is empty), which is an inconsistency.
- Credentials (concern): The skill declares no required environment variables or credentials, yet its functionality requires access to databases and monitoring systems (which normally need DB credentials, API tokens for Prometheus/Zabbix, or at least agent access). This omission is disproportionate: either the skill expects existing system-level credentials (not disclosed) or the metadata is incomplete — both are concerning from a security/least-privilege perspective.
- Persistence & Privilege (ok): The skill is not always-enabled, does not request special persistent privileges, and has no install-time actions declared. Autonomous invocation is permitted (platform default), but no additional privilege flags are set. There is no evidence it modifies other skills or agent-wide settings.
