Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

SQL Data Analyst

v1.0.0

Natural language to SQL. Ask questions about your data in plain English, get queries, results, and explanations. Supports SQLite, PostgreSQL, and MySQL. Impo...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Benign (high confidence)
Purpose & Capability
Name/description match the behavior in SKILL.md and the included config files. The skill is designed to translate questions into SQL, execute queries, import CSVs into a local SQLite DB, and save queries — all of which are reflected in config/connections.json, README.md, and SKILL.md. The Postgres/MySQL password_env entries (PG_PASSWORD, MYSQL_PASSWORD) in the templates are appropriate and expected for DB connectors.
Instruction Scope
Instructions explicitly direct the agent to inspect schemas, read CSV files, create/use a local SQLite DB at ./data/analyst.db, store schemas under ./data/schemas/, and save queries under ./config/. It also auto-executes SELECT queries by default per settings (auto_execute_select: true). This behavior is coherent with the skill purpose but users should be aware the skill will read arbitrary files/databases they point it at and will write schema and saved-query files to the workspace.
Install Mechanism
No install spec or external downloads — instruction-only skill. Nothing is written from an installer; the runtime writes standard local files (DB and config) as described. This is the lowest-risk install model.
Credentials
No required environment variables are declared. The config templates reference PG_PASSWORD and MYSQL_PASSWORD as optional password_env names, which is proportionate and expected for optional PostgreSQL/MySQL connections. There are no unrelated credentials requested.
Persistence & Privilege
always:false and user-invocable:true (defaults) — no unusual privileges. The skill will create and modify files under ./data and ./config (schemas, the SQLite DB, saved-queries.json, logs) and may auto-connect to the local SQLite per config. Users should expect local file persistence but there is no evidence the skill modifies other skills or requests system-wide privileges.
Assessment
This skill appears internally consistent with its stated purpose. Before installing or using it:

1) Do not point it at sensitive production databases unless you intend it to access them — give it a dedicated read-only user or a copy of data when possible.
2) Review and, if needed, edit config/connections.json to disable auto_connect or auto_execute_select and to ensure log_queries and file paths meet your policy.
3) Be aware it will create files under ./data and ./config (analyst.db, schemas, saved-queries.json).
4) If connecting to Postgres/MySQL, prefer creating least-privilege credentials and supply passwords via environment variables as indicated (PG_PASSWORD, MYSQL_PASSWORD).
5) There are no signs of external network exfiltration in the provided files, but if the runtime environment allows outbound network access, treat any query results you export with the same caution as any local data export.

Like a lobster shell, security has layers — review code before you run it.

