sql-explain
v1.0.0解析并解读 PostgreSQL、MySQL、SQLite 的 SQL 执行计划,提供性能问题识别与优化建议。
⭐ 0· 35·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description match the provided code and SKILL.md. The code implements formatting, basic syntax checks, structure analysis, NL->SQL templates, and parsing of EXPLAIN output using sqlparse and regex — all coherent with 'sql-explain'. No unrelated environment variables, binaries, or cloud credentials are requested.
Instruction Scope
SKILL.md and README keep scope to parsing/analysis/formatting/generation of SQL and EXPLAIN outputs. Minor inconsistencies: SKILL.md mentions using the 'sqlean' explain module OR sqlparse+rules, but the included code uses only sqlparse/regex. README also contrasts an "AI Skill" that may rely on an AI API with the local CLI, yet the skill declares no external API keys; these are documentation mismatches rather than evidence of out-of-scope behavior. The runtime instructions do not tell the agent to read unrelated files, env vars, or transmit data externally.
Install Mechanism
No install spec in the registry; the package is instruction-only for the agent and the repository provides Python scripts. The README suggests pip install sqlparse or curling a raw GitHub file (a placeholder URL). No automated remote downloads or obscure URLs are included in the skill metadata/install spec.
Credentials
The skill declares no required environment variables, no credentials, and no config paths. The code does not read environment variables or attempt to access external secrets; requested resources are proportional to a local parsing/analysis tool.
Persistence & Privilege
always is false and the skill does not request persistent system-level presence. The CLI optionally suggests creating a symlink for convenience, but there is no code that modifies other skills, system-wide agent settings, or stores cross-skill credentials.
Assessment
This skill appears to be a local, coherent SQL explain/format/check tool. Before installing or running: (1) verify the source (the README's curl URL is a placeholder—avoid running downloaded scripts from unknown repos), (2) prefer installing the dependency via pip (pip install sqlparse) and review sql_explain.py if you plan to run it, (3) run the included tests (pytest) in a sandbox to confirm behavior, and (4) note minor documentation mismatches (references to 'sqlean' and an "AI API" in docs) — these are likely harmless but worth clarifying with the publisher if you need certainty. No credentials or network access are required by the code as provided.Like a lobster shell, security has layers — review code before you run it.
latestvk973q2rk401w46f2yb6hjtef4184ashp
License
MIT-0
Free to use, modify, and redistribute. No attribution required.