Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

DB Readonly

v1.0.0

Run safe read-only queries against MySQL or PostgreSQL for data inspection, reporting, and troubleshooting. Use when the user asks to read tables, inspect schema, count rows, sample data, or export query results without modifying data.

0 stars · 1.4k downloads · 3 current · 3 all-time
by Reed (@reed1898)

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for reed1898/db-readonly.

Prompt preview (Install & Setup):
Install the skill "DB Readonly" (reed1898/db-readonly) from ClawHub.
Skill page: https://clawhub.ai/reed1898/db-readonly
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Canonical install target

openclaw skills install reed1898/db-readonly

ClawHub CLI


npx clawhub@latest install db-readonly
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (high confidence)

Purpose & Capability (flagged)
The name/description promise (read-only DB inspection for Postgres/MySQL) matches the script's behavior, but the skill metadata declares no required env vars or credentials while both SKILL.md and the script rely on several DB credential env vars (PG*/MYSQL_*). That mismatch is a meaningful incoherence.
Instruction Scope
SKILL.md limits actions to read-only queries and points to the script; it documents the connection env vars and safety rules. The runtime instructions do not direct the agent to access unrelated files or external endpoints. However, the guidance to "avoid printing secrets" is an instruction to the model, not an enforced control.
Install Mechanism
No install spec (instruction-only + included script). Nothing is downloaded or written by an installer, which is low-risk from an install vector perspective.
Credentials (flagged)
The skill needs DB credentials (PGHOST/PGDATABASE/PGUSER/PGPASSWORD or MYSQL_HOST/MYSQL_USER/MYSQL_PASSWORD, etc.) but the registry lists none. The script exports MYSQL_PWD and PGPASSWORD and expects those env vars to exist. Env-based secrets work, but a process environment is readable by other processes of the same user and by root (on Linux via /proc/<pid>/environ), and the values can leak into saved outputs or through misconfiguration. Because the required credentials are not declared in metadata, automated checks and least-privilege enforcement cannot act on them.
Persistence & Privilege
The always flag is false, and the skill does not request persistent platform privileges or modify other skills or configs. Autonomous invocation is allowed (platform default) but is not combined with other dangerous privileges here.
What to consider before installing
This skill appears to do what it claims (run read-only queries), but the package metadata's failure to declare the required DB environment variables is a red flag: the skill needs your DB credentials even though that is not advertised. Before installing or using it:

  1. Ask the publisher to update the metadata to list the required env vars and to state how secrets are handled.
  2. Run it only against non-production databases or read-only accounts. Create a DB user with SELECT-only privileges scoped to the schemas it needs, and rely on those grants rather than on the script's keyword filter: in PostgreSQL a WITH query can carry INSERT/UPDATE/DELETE, and EXPLAIN ANALYZE executes the statement it explains.
  3. Inspect and test the script in an isolated environment. It exports PGPASSWORD/MYSQL_PWD, which other processes running as the same user (or as root) can read from the process environment; prefer client-side auth (.pgpass or a MySQL option file with 0600 permissions, socket/peer auth, or IAM-based short-lived credentials) where available.
  4. Treat files written with --out as sensitive (they may contain customer data), and do not run complex user-provided SQL without review.
  5. If you proceed, run the script on a guarded workstation/network and validate output before sharing it.

If the author cannot justify the missing metadata or confirm safe handling of credentials, treat the skill as untrusted.
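Recommendations (2) and (3) above, as an added example that is not part of the skill or its script: a shell helper that emits the DDL for a SELECT-only inspection account on PostgreSQL and MySQL and writes the client credential files (.pgpass and a MySQL option file) with owner-only permissions, so the skill's environment never needs to carry a password. The database name app, the account name inspector, the schema public, the MySQL host pattern and the file paths are placeholders chosen for the example.

```shell
#!/bin/sh
# Added example, not the skill's own code. Emits DDL for a SELECT-only
# inspection account and writes client credential files with owner-only
# permissions, so the skill can run without PGPASSWORD/MYSQL_PWD in its
# environment. Database, account, schema, host pattern and paths are
# placeholders.

# pg_ro_role_ddl DB ROLE SCHEMA: DDL to pipe into psql as a superuser/owner:
#   pg_ro_role_ddl app inspector public | psql -v pw="$ONE_TIME_PW" -d app
# :'pw' is psql's quoted-variable interpolation, so the password is neither
# embedded in the DDL text nor visible on a command line.
pg_ro_role_ddl() {
  db=$1; role=$2; schema=$3
  cat <<EOF
CREATE ROLE $role LOGIN PASSWORD :'pw';
-- every transaction this role starts is read-only unless it says otherwise
ALTER ROLE $role SET default_transaction_read_only = on;
ALTER ROLE $role SET statement_timeout = '30s';
GRANT CONNECT ON DATABASE $db TO $role;
GRANT USAGE ON SCHEMA $schema TO $role;
GRANT SELECT ON ALL TABLES IN SCHEMA $schema TO $role;
ALTER DEFAULT PRIVILEGES IN SCHEMA $schema GRANT SELECT ON TABLES TO $role;
-- before PostgreSQL 15 the public schema lets every role CREATE objects
REVOKE CREATE ON SCHEMA $schema FROM PUBLIC;
EOF
}

# mysql_ro_user_ddl DB USER HOST PASSWORD: SELECT and SHOW VIEW only. Without
# the FILE privilege the server refuses SELECT ... INTO OUTFILE/DUMPFILE.
# Pipe into mysql; a PASSWORD containing a single quote needs escaping.
mysql_ro_user_ddl() {
  db=$1; user=$2; host=$3; pw=$4
  cat <<EOF
CREATE USER '$user'@'$host' IDENTIFIED BY '$pw';
GRANT SELECT, SHOW VIEW ON \`$db\`.* TO '$user'@'$host';
EOF
}

# write_pgpass FILE HOST PORT DB USER PASSWORD: libpq reads ~/.pgpass (or
# PGPASSFILE) instead of PGPASSWORD, and ignores the file if group or world
# can access it. A literal ':' or '\' inside a field must be backslash-escaped.
write_pgpass() {
  ( umask 077; printf '%s:%s:%s:%s:%s\n' "$2" "$3" "$4" "$5" "$6" > "$1" )
}

# write_mycnf FILE HOST PORT DB USER PASSWORD: option file for
#   mysql --defaults-extra-file=FILE ...   (it must be the first option)
write_mycnf() {
  ( umask 077
    printf '[client]\nhost=%s\nport=%s\ndatabase=%s\nuser=%s\npassword=%s\n' \
      "$2" "$3" "$4" "$5" "$6" > "$1" )
}

# Usage sketch (values are placeholders):
#   write_pgpass "$HOME/.pgpass" db.internal 5432 app inspector "$PW"
#   PGHOST=db.internal PGDATABASE=app PGUSER=inspector psql -X -c 'SELECT now()'
#   write_mycnf "$HOME/.inspector.cnf" db.internal 3306 app inspector "$PW"
#   mysql --defaults-extra-file="$HOME/.inspector.cnf" -e 'SELECT NOW()'
```

The ALTER ROLE ... SET default_transaction_read_only line is belt and braces: a SELECT-only grant is what actually stops writes, and a session can still turn the setting off with SET, which is why the grants come first. The credential files replace the exported PGPASSWORD/MYSQL_PWD that the skill's script relies on; with them in place the skill's non-secret PGHOST/PGDATABASE/PGUSER and MYSQL_HOST/MYSQL_USER variables are all that has to be in the environment.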

Like a lobster shell, security has layers — review code before you run it.

latest: vk972zcprt07xtz5vtcfjwq3geh80wmks
1.4k downloads
0 stars
1 version
Updated 8h ago
v1.0.0
MIT-0

db-readonly

Use this skill for database read tasks only.

What this skill does

  • Connect to PostgreSQL or MySQL using connection env vars
  • Execute SELECT / WITH / EXPLAIN queries only
  • Optionally save output to CSV/TSV/JSON
  • Block risky SQL (INSERT, UPDATE, DELETE, DROP, ALTER, etc.)

Connection env vars

PostgreSQL

  • PGHOST
  • PGPORT (optional, default 5432)
  • PGDATABASE
  • PGUSER
  • PGPASSWORD

MySQL

  • MYSQL_HOST
  • MYSQL_PORT (optional, default 3306)
  • MYSQL_DATABASE
  • MYSQL_USER
  • MYSQL_PASSWORD

Run

Run the script:

  • scripts/db_readonly.sh postgres "SELECT now();"
  • scripts/db_readonly.sh mysql "SELECT NOW();"

Export example:

  • scripts/db_readonly.sh postgres "SELECT * FROM users LIMIT 100" --format csv --out /tmp/users.csv

Safety rules

  1. Refuse non-read SQL.
  2. Prefer LIMIT for exploratory queries.
  3. When the user asks for updates, deletes, or schema changes, ask for explicit confirmation and do not run them via this skill.
  4. Avoid printing secrets from env vars.
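The SELECT/WITH/EXPLAIN allow-list and the keyword block-list described under "What this skill does" and "Safety rules", reworked as an added example that is not the skill's scripts/db_readonly.sh. The point it makes is that a prefix check is not a security boundary: in PostgreSQL a WITH query can carry INSERT/UPDATE/DELETE, EXPLAIN ANALYZE executes the statement it explains, SELECT ... INTO creates a table (and SELECT ... INTO OUTFILE writes a file on MySQL), FOR UPDATE takes row locks, and a ';' chains a second statement. The classifier below fails closed on all of those and, rather than trying to mirror every server's lexer, refuses comments, quoted identifiers, backslashes, dollar quoting and '#' outright; db_ro_run then asks the server itself to pin the session read-only. The backend names, the denylist, and the assumption that passwords come from .pgpass or a MySQL option file are the example's own choices.

```shell
#!/bin/sh
# Added example, not the skill's scripts/db_readonly.sh. A fail-closed
# classifier for "read-only" SQL plus client invocations that make the
# server enforce read-only. The classifier is a first line only; the real
# control is a SELECT-only database account.

# normalize_sql SQL: lowercase, join lines, blank out '...' literals
# (with '' escapes), strip trailing whitespace and ';'.
normalize_sql() {
  printf '%s\n' "$1" |
    tr '[:upper:]' '[:lower:]' |
    tr '\n' ' ' |
    sed -E "s/'([^']|'')*'/''/g" |
    sed -E 's/[[:space:];]+$//'
}

# is_read_only_sql SQL: succeeds only for ONE statement that starts with
# select/with/explain and contains no writing, locking, file or
# side-effecting keyword anywhere.
is_read_only_sql() {
  s=$(normalize_sql "$1")
  # comments are refused: a shell lexer cannot mirror every server's
  # comment/quote interplay, and a mismatch is exactly what an attacker uses
  case $s in *'--'*|*'/*'*) return 1 ;; esac
  # after blanking literals only this character set may remain; it excludes
  # ';' (chaining), '"' and '`' (quoted identifiers that may hide a quote),
  # '\' and '$' (escape strings, dollar quoting), '#' and '@' (MySQL)
  [ -z "$(printf '%s' "$s" | tr -d "a-z0-9_ '(),.*=<>!+/%:-")" ] || return 1
  # punctuation -> spaces, squeeze, pad: every token is now " word "
  t=$(printf ' %s ' "$s" | tr -c 'a-z0-9_' ' ' | tr -s ' ')
  first=${t# }; first=${first%% *}
  case $first in select|with|explain) ;; *) return 1 ;; esac
  # EXPLAIN ANALYZE runs the statement it explains, even a DELETE
  if [ "$first" = explain ]; then
    case $t in *' analyze '*|*' analyse '*) return 1 ;; esac
  fi
  # illustrative denylist, not exhaustive: SELECT can still call any
  # volatile function the account is allowed to execute
  for w in insert update delete merge truncate drop alter create grant revoke \
           copy call do lock into set vacuum reindex refresh execute load \
           handler outfile dumpfile pg_sleep pg_terminate_backend \
           pg_cancel_backend pg_read_file lo_export lo_import dblink \
           sleep benchmark load_file; do
    case $t in *" $w "*) return 1 ;; esac
  done
  return 0
}

# db_ro_run BACKEND SQL: run one classified statement with the session
# pinned read-only on the server side. Host/db/user still come from the
# non-secret PG*/MYSQL_* variables; the password comes from ~/.pgpass or
# a MySQL option file, so PGPASSWORD/MYSQL_PWD are never exported.
db_ro_run() {
  backend=$1; sql=$2
  is_read_only_sql "$sql" || {
    echo "refused: not a single read-only statement" >&2; return 2; }
  case $backend in
    postgres)
      # PGOPTIONS reaches the server as session settings at connect time
      PGOPTIONS='-c default_transaction_read_only=on' \
        psql -X -v ON_ERROR_STOP=1 -At -c "$sql" ;;
    mysql)
      mysql --batch --raw \
        --init-command='SET SESSION transaction_read_only=1' \
        --host="${MYSQL_HOST:?}" --port="${MYSQL_PORT:-3306}" \
        --user="${MYSQL_USER:?}" --database="${MYSQL_DATABASE:?}" -e "$sql" ;;
    *) echo "unknown backend: $backend" >&2; return 2 ;;
  esac
}
```

To confirm the server-side pin on PostgreSQL, db_ro_run postgres "SELECT current_setting('transaction_read_only')" should print on; on MySQL, run mysql with the same --init-command and -e "SELECT @@session.transaction_read_only" directly (the classifier refuses '@', so that check is done outside it) and expect 1. The character restrictions are deliberately tighter than either server's grammar: a legitimate query with a quoted identifier or a comment is rejected and has to be rewritten, which is the right failure direction for a tool that hands database access to an agent.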

Reference

  • Query cookbook: references/query-cookbook.md
