DB Readonly
ReviewAudited by ClawScan on May 10, 2026.
Overview
This is a coherent database query helper, but it needs review because its read-only protection is weak for privileged databases and its credential/tool requirements are under-declared.
Install only if you can provide a dedicated read-only database account and are comfortable reviewing every query before it runs. Do not give this skill admin or write-capable database credentials, and choose export paths carefully because query results may contain sensitive data.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A generated or copied query could still have database side effects if it uses SQL forms not covered by the denylist or if the provided database account has write/admin privileges.
The script accepts supplied SQL and sends it to database CLIs after a finite keyword denylist and prefix check; it does not enforce a database read-only role/transaction, a parser-backed allowlist, or a single-statement boundary.
SQL="$2" ... grep -Eq '(^|[^a-z])(insert|update|delete|drop|alter|create|truncate|grant|revoke|replace|merge|call|do)([^a-z]|$)' ... psql_cmd+=( -P pager=off -c "$SQL" )
Use only dedicated read-only database accounts, require user review for every query, and strengthen enforcement with database-side read-only permissions plus a stricter parser or allowlisted query builder.
The agent may be able to inspect sensitive database tables, and the real permission boundary depends entirely on the database user you provide.
The skill requires database password environment variables. This is expected for the purpose, but it gives the agent the privileges of those DB accounts and is not reflected in the registry credential declarations.
`PGPASSWORD` ... `MYSQL_PASSWORD`
Provide credentials only for a least-privilege read-only account, and avoid exposing production/admin database passwords to the agent.
Installation or use may fail unexpectedly, and users may not notice that the skill relies on existing local database CLI tools.
The script depends on local PostgreSQL/MySQL clients, while the registry requirements list no required binaries. The dependencies are purpose-aligned but under-declared.
command -v psql >/dev/null 2>&1 || { echo "psql not found" ... }; ... command -v mysql >/dev/null 2>&1 || { echo "mysql client not found" ... }Declare psql/mysql client requirements and the needed environment variables in the registry metadata.