Database Migration
v1.0.0Execute database migrations across ORMs and platforms with zero-downtime strategies, data transformation, and rollback procedures. Use when migrating databas...
⭐ 0· 0·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
The skill's name, description, and SKILL.md content align: it provides migration patterns for Sequelize, TypeORM, Prisma and describes zero-downtime and rollback strategies. One mismatch: the metadata declares no required binaries, but the instructions reference npx, npm scripts, prisma and sequelize-cli commands — so the skill omits declaring the real-world tooling it expects.
Instruction Scope
All instructions and code snippets stay within the domain of database migrations: creating/dropping tables, adding/renaming columns, copying/transformation queries, and CLI migration commands. The guidance includes SQL UPDATEs and potentially destructive operations (DROP, REMOVE COLUMN) which are appropriate for a migration skill but inherently risky if run without backups or staging.
Install Mechanism
This is an instruction-only skill with no install spec or code files, so nothing will be written to disk by the skill package itself. That is low-risk from an install perspective. However, the runtime instructions assume use of external CLIs (npm/npx/prisma/cli) which the skill does not install.
Credentials
The skill declares no required environment variables or primary credential, yet in practice migrations require database connection strings/credentials (e.g., DATABASE_URL) to be present in the environment or config. The SKILL.md does not ask the agent to read system or unrelated credentials, but it assumes DB access will be provided externally — the absence of declared required env vars is a transparency gap.
Persistence & Privilege
The skill is not always-enabled and is user-invocable. It does not request to modify other skills or system-wide agent settings. There is no evidence the skill persistently stores or escalates privileges on the agent platform.
Assessment
This skill is a collection of migration recipes, not an agent that will fetch secrets or install itself. Before using: (1) ensure the Node/ORM CLIs referenced (npx, npm, prisma, sequelize-cli, typeorm) are available on the system; (2) run all changes first in a staging environment and take full backups/snapshots; (3) review every SQL UPDATE/DROP in the snippets to confirm they match your schema and constraints; (4) never paste production DB credentials into untrusted prompts — supply connection strings only to the migration runtime you control; (5) if you need automated execution, prefer running these scripts from a CI pipeline or a controlled maintenance window rather than letting an agent run them autonomously.Like a lobster shell, security has layers — review code before you run it.
latestvk97025sba784gfa9562a51rh6x84nmpk
License
MIT-0
Free to use, modify, and redistribute. No attribution required.