KameleonDB

Pass

Audited by ClawScan on May 10, 2026.

Overview

KameleonDB is a coherent database-memory helper, but it gives an agent persistent database access and data/schema mutation abilities that should be scoped carefully.

This skill appears purpose-aligned for agent-managed structured memory. Before installing, choose a dedicated SQLite file or least-privilege database, avoid storing secrets or broad private data by default, keep backups, and decide when the agent must ask before changing schemas, deleting fields, or updating important records.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If enabled broadly, the agent could change database structure or records without asking for every individual change.

Why it was flagged

The skill intentionally lets an agent create schemas, insert data, evolve structure, and optimize storage. This is purpose-aligned for a database skill, but it is still mutation authority over persistent data.

Skill content

The agent owns the entire data lifecycle - from initial schema design through optimization - without human intervention.

Recommendation

Use a dedicated database, keep backups, and require explicit approval for destructive or production-impacting schema/data changes.

What this means

A high-privilege database URL could let the agent read or modify more data than intended.

Why it was flagged

The database URL may include credentials. This is expected for database connectivity, but the credential controls whatever database permissions that account has.

Skill content

Set `KAMELEONDB_URL="postgresql://user:pass@localhost/dbname"`

Recommendation

Use a least-privilege database user, prefer a dedicated database for agent memory, and avoid placing credential-bearing URLs in shared memory or logs.

What this means

Installing the external package means trusting code outside the reviewed skill files.

Why it was flagged

The reviewed skill is instruction-only and relies on an external PyPI package/binary that was not included in the provided code artifacts. This is normal for a CLI integration, but provenance and version pinning matter.

Skill content

`pip install kameleondb[postgresql]`

Recommendation

Install from the official source, pin an expected version, and review the package/repository before using it with sensitive or production data.

What this means

Stored records, preferences, or knowledge-base entries may be reused in future sessions, even if they are outdated, sensitive, or inaccurate.

Why it was flagged

The skill is explicitly designed as persistent memory for agents. That is coherent with its purpose, but persistent data can include sensitive information or later influence agent behavior.

Skill content

Remember information across conversations ... maintain any persistent state

Recommendation

Define what may be stored, avoid secrets unless truly needed, review stored data periodically, and separate databases by project or trust boundary.