SQL智能助手 (SQL Intelligent Assistant)

Security checks across malware telemetry and agentic risk

Overview

This SQL helper is understandable, but it lets an agent run, import, export, and batch-execute database operations without clear safety checks.

Install only if you intentionally want an agent to operate configured databases through dbskiter. Use read-only or least-privilege database aliases by default, avoid production unless explicitly intended, verify the dbskiter binary and configuration, and require human confirmation before any write, import, export, batch, schema-changing, or broad SELECT operation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
95% confidence
Finding
The skill explicitly instructs the agent to execute arbitrary SQL directly against a selected database, but provides no guardrails, warning banners, read-only defaults, or confirmation requirements for mutating statements. In an agent context, this can lead to accidental DELETE/UPDATE/DDL execution, data loss, privilege misuse, or unsafe execution against production systems when a user request is ambiguous or malicious.

Missing User Warnings

Medium
94% confidence
Finding
The import feature writes external file contents into database tables, yet the skill does not warn about schema mismatch, duplicate inserts, overwrites, or corruption of production data. In an automated assistant workflow, users may invoke import on the wrong database or table, causing large-scale unintended writes with limited ability to roll back.

Missing User Warnings

High
97% confidence
Finding
Batch execution allows multiple SQL statements from a file to run in sequence, which dramatically increases blast radius because a single invocation may contain destructive or irreversible operations. Without warnings, review steps, or restrictions, an agent could execute arbitrary migrations, drops, truncations, or mass updates from an untrusted or mistaken file against production systems.

VirusTotal

65/65 vendors flagged this skill as clean.
