Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

SQL Connector

v2.1.0

Generic SQL Server connectivity for OpenClaw agents. Use when: (1) executing parameterized queries against SQL Server, (2) building repository layers that ne...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (high confidence)
Purpose & Capability (flagged)
The skill's stated purpose (MSSQL connectivity) matches the code: it uses pymssql and exposes get_connector/execute/query/scalar. However, the registry metadata claims no required environment variables or config paths, while both SKILL.md and the code expect and load SQL_* credentials. That mismatch means an installer cannot learn from the listing what the skill needs; the metadata should declare these variables.
Instruction Scope (flagged)
SKILL.md and the code direct the agent to rely on environment variables and a .env file. At import time the code walks up to five parent directories looking for a .env and loads it with load_dotenv(override=True). Simply importing the skill can therefore read secrets from disk outside the skill directory, and with override=True those values replace any already set in the process environment. This expands the skill's scope beyond that of a typical connector and should have been documented and declared as a required config path.
Install Mechanism
There is no install spec (the skill is instruction-only), which limits what is written to disk. SKILL.md instructs pip install pymssql and python-dotenv, both of which are expected for this implementation. No remote download or opaque install mechanism is present. Note that pymssql has native dependencies, which can make installation nontrivial.
Credentials (flagged)
The connector requires database credentials (SQL_* variables) and reads them from the environment or a discovered .env, yet none are declared in the registry metadata and no primaryEnv is set. The code also supplies defaults (server 10.0.0.110 and user 'oblio'), so a missing or mistyped configuration silently directs connection attempts at an internal host. Requiring secrets the listing never declares is disproportionate for a connector; the requirement should be explicit and the defaults removed.
Persistence & Privilege
The skill is not marked always:true and does not modify other skills or system configuration. It does perform a filesystem lookup for .env at import time but does not write persistent settings or enable itself automatically; no elevated persistence is requested.
What to consider before installing
Before installing or enabling this skill:
(1) Recognize that it requires database credentials (SQL_* env vars) even though the registry metadata does not list them; treat these as sensitive.
(2) The code searches parent directories and loads a .env file at import time, which can expose secrets from outside the skill folder. Prefer explicit, deliberate loading of credentials over automatic .env discovery.
(3) Confirm you trust the skill owner and audit the code (sql_connector.py) yourself. Ensure your runtime prevents unexpected network access to internal hosts (note the default local IP 10.0.0.110).
(4) If you intend to use it, require the author to update the registry metadata to declare required env/config paths and to remove or change the import-time .env loading (load only when get_connector() is called, or require an explicit path).
(5) Make sure pymssql's native dependencies are acceptable for your environment, and do not rely on the default credentials or server.
If you cannot verify these changes, treat the skill as untrusted.
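The following is an added example, not code from the skill or from ClawHub, illustrating the two points above about .env handling (the Instruction Scope finding and items (2) and (4)). It reproduces the upward .env discovery the scan describes so you can see what an import would pick up, places it beside an explicit, lazy loader that never overrides existing environment values and refuses to run without credentials rather than defaulting to a built-in host or user. The function names, the exact set of SQL_* variables, and the sample .env contents are assumptions; a minimal KEY=VALUE reader stands in for python-dotenv so the example runs offline.

```python
import shutil
import tempfile
from pathlib import Path
from typing import Dict, List, Optional

# Assumed variable set; the scan only says "SQL_*" credentials.
REQUIRED = ("SQL_SERVER", "SQL_DATABASE", "SQL_USER", "SQL_PASSWORD")


def parse_env_file(path: Path) -> Dict[str, str]:
    """Minimal KEY=VALUE reader standing in for python-dotenv so the example
    runs offline; comments, blank lines and surrounding quotes are ignored."""
    values: Dict[str, str] = {}
    for raw in path.read_text(encoding="utf-8").splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        values[key.strip()] = value.strip().strip("'\"")
    return values


def find_env_upward(start: Path, max_levels: int = 5) -> Optional[Path]:
    """Reproduce the discovery the scan flags: check `start` and up to
    `max_levels` ancestors for a .env file and return the first hit."""
    current = start.resolve()
    for _ in range(max_levels + 1):
        candidate = current / ".env"
        if candidate.is_file():
            return candidate
        if current.parent == current:  # reached the filesystem root
            break
        current = current.parent
    return None


def risky_import_time_load(skill_dir: Path, environ: Dict[str, str]) -> Optional[Path]:
    """Pattern under review: would run at import time, and like
    load_dotenv(override=True) it replaces values already in the environment."""
    found = find_env_upward(skill_dir)
    if found is not None:
        environ.update(parse_env_file(found))
    return found


def missing_keys(environ: Dict[str, str]) -> List[str]:
    return [k for k in REQUIRED if not environ.get(k)]


def load_sql_config(env_path: Optional[Path], environ: Dict[str, str]) -> Dict[str, str]:
    """Hardened pattern: load only a file the caller names, never override
    values already in the environment, and fail closed on missing credentials
    instead of falling back to a built-in host or user."""
    if env_path is not None:
        if not env_path.is_file():
            raise FileNotFoundError(f"explicit env file not found: {env_path}")
        for key, value in parse_env_file(env_path).items():
            environ.setdefault(key, value)  # override=False semantics
    missing = missing_keys(environ)
    if missing:
        raise RuntimeError("missing SQL configuration: " + ", ".join(missing))
    return {k: environ[k] for k in REQUIRED}


def demo() -> Dict[str, object]:
    """Build a throwaway tree (constructed sample values, not real secrets) with
    a .env five levels above a nested skill directory, then run both loaders."""
    root = Path(tempfile.mkdtemp()).resolve()
    try:
        (root / ".env").write_text(
            "# constructed sample\nSQL_SERVER=db.example.internal\n"
            "SQL_DATABASE=app\nSQL_USER=svc\nSQL_PASSWORD='not-a-real-secret'\n",
            encoding="utf-8",
        )
        skill_dir = root / "a" / "b" / "c" / "skills" / "sql-connector"
        skill_dir.mkdir(parents=True)

        # Import-time discovery climbs out of the skill folder and clobbers
        # the SQL_USER the operator had already set.
        env_risky = {"SQL_USER": "already-set"}
        found = risky_import_time_load(skill_dir, env_risky)

        # Explicit loader: no file given -> hard failure, no silent defaults;
        # file given -> existing environment values win.
        env_safe = {"SQL_USER": "already-set"}
        try:
            load_sql_config(None, env_safe)
            missing: List[str] = []
        except RuntimeError:
            missing = missing_keys(env_safe)
        config = load_sql_config(root / ".env", env_safe)

        return {
            "found": str(found.relative_to(root)) if found else None,
            "risky_user": env_risky["SQL_USER"],
            "missing_without_file": missing,
            "hardened": config,
        }
    finally:
        shutil.rmtree(root, ignore_errors=True)


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

When auditing sql_connector.py, the two things to check against this example are whether the .env lookup runs at module import (anything executed at top level rather than inside get_connector()) and whether load_dotenv is called with override=True; either one means the environment you configured is not the environment the skill will use.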
