Dev Machine Database
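Connects to the dev machine datax over SSH to query table structures, data and statistics in the MySQL dw database; supports read-only SELECT operations, limited to 50 records.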
MIT-0 · Free to use, modify, and redistribute. No attribution required.
⭐ 0 · 40 · 1 current installs · 1 all-time installs
Security Scan
OpenClaw
Suspicious
high confidence
Purpose & Capability
The skill claims only to perform read-only SELECTs over SSH to host 'datax', which is consistent with the examples. However the included script embeds a MySQL root username and a plaintext password and assumes a Docker container name. The skill declares no required env vars or credentials even though it clearly needs SSH access and DB credentials; that mismatch is a coherence problem.
Instruction Scope
SKILL.md instructs making SSH calls and running mysql commands (expected), but also references sending results to Feishu and workspace config files that aren't present. The script builds shell commands directly from inputs (table/where/sql) and then passes them to ssh subprocess calls without sanitization, creating command-injection risk and scope creep beyond simple safe SELECTs.
Install Mechanism
No install spec (instruction-only plus an included script) — lowest install risk. However a shipped code file contains plaintext DB credentials and will be stored on disk when installed, which is a risk even though there's no installer downloading remote code.
Credentials
The skill requests no environment variables or primary credential in its metadata, yet the code requires SSH access to 'datax' and hard-codes MYSQL_USER and MYSQL_PASSWORD. Requesting root DB credentials (and storing them in code) is disproportionate and not documented in the manifest. The skill also assumes presence of 'docker' on the remote host and an accessible 'mysql' container.
Persistence & Privilege
always is false and the skill does not request permanent agent-wide privileges. There is no evidence it modifies other skills or global config. Autonomous invocation is allowed by default, which is normal, but combine this with the other concerns when deciding whether to enable.
What to consider before installing
Do not install or run this skill without remediation. Specific concerns:
- The included script contains hard-coded DB credentials (root / "123456") and assumes SSH access to a host named 'datax' and a Docker 'mysql' container. The skill metadata does not declare any credentials or secrets — this is inconsistent and unsafe.
- The script builds shell commands from user-supplied names/SQL and calls ssh subprocesses directly, which can allow command injection and arbitrary remote command execution if inputs are not strictly validated.
- SKILL.md mentions sending results to Feishu and config files that are not provided; clarify where external integrations and secrets will be stored.
What to ask the author or change before use:
- Remove hard-coded credentials; require secrets be provided via declared env vars or a secure secrets store and document required SSH credentials explicitly.
- Sanitize/whitelist table names and disallow arbitrary SQL that could lead to shell injection; enforce read-only checks server-side where possible.
- Provide clear install/config instructions for SSH keys or agent forwarding, and disclose any external integrations (Feishu) with required tokens.
- Rotate any exposed credentials immediately if they were real, and consider not running this skill on production systems.
If you cannot get these changes, classify the skill as unsafe to enable because it can leak credentials or execute unintended commands on your development host.
Like a lobster shell, security has layers — review code before you run it.
Current version: v1.0.0
SKILL.md
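Dev machine database query skill
Function
Connects to the dev machine (datax) over SSH and queries the dw database in MySQL
Trigger phrases
- "去草坪上 dw 库看一下" (go take a look at the dw database on the lawn)
- "开发机 MySQL 查询" (dev machine MySQL query)
- "查询 dw 库的 [表名]" (query [table name] in the dw database)
- "草坪上的 MySQL dw 库" (the MySQL dw database on the lawn)
- "datax 数据库查询" (datax database query)
Configuration
Dev machine configuration
- Hostname: datax
- Working directory: /mnt/www
- Database type: MySQL
- Database name: dw (there may be several: dw, dw库, data_warehouse, etc.)
Database connection
# Connection method
ssh datax "mysql -u [user] -p[password] [database name] -e 'SQL statement'"
# Or log in directly
ssh datax "mysql -h localhost -u [user] -p[password]"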
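Usage examples
Example 1: list tables
User: "Go take a look at which tables are in the dw database on the lawn"
Run:
ssh datax "mysql -h localhost -u [user] -p[password] dw -e 'show tables;'"
Reply: table list
Example 2: query user data
User: "Show which users are in tr_user in the dw database"
Run:
ssh datax "mysql -h localhost -u [user] -p[password] dw -e 'select * from tr_user limit 50;'"
Reply: user list as a table
Example 3: query table structure
User: "What does the structure of the tr_user table look like"
Run:
ssh datax "mysql -h localhost -u [user] -p[password] dw -e 'desc tr_user;'"
Reply: table structure details
Example 4: statistics
User: "How many rows are in the tr_user table of the dw database"
Run:
ssh datax "mysql -h localhost -u [user] -p[password] dw -e 'select count(*) from tr_user;'"
Reply: row count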
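Database information
Possible database names
| Database name | Description |
|---|---|
| dw | Main data warehouse database |
| dw库 | Chinese alias |
| data_warehouse | Full English name |
| sg_alith_sync_fle_tra | Thailand project database |
Common tables
| Table name | Description |
|---|---|
| tr_user | User table |
| tr_order | Order table |
| tr_store | Store table |
| tr_client | Client table |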
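Execution flow
- Receive the query instruction
  - Parse the user's intent
  - Extract the database name, table name and query conditions
- Build the SQL statement
  - Generate the SQL that matches the intent
  - Add a LIMIT (50 rows by default)
- Execute over SSH
  - Connect to the datax dev machine
  - Run the MySQL query
  - Collect the result
- Format the output
  - Present it as a table
  - Add statistics
  - Send to Feishu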
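Security notes
- Read-only operations: only SELECT queries are executed; INSERT/UPDATE/DELETE are not
- LIMIT: LIMIT 50 by default, to avoid large result sets
- Password protection: the MySQL password is not written to logs
- Access control: only authorized databases and tables are queried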
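One way to enforce the read-only, LIMIT and authorized-table rules above in code, as an added example that is not the skill's own query_db.py. It narrows the skill to table, column and limit inputs (no free-form SQL or WHERE text). Assumptions: the function names, the allowlists (built from the names in the tables above), and that the remote account's MySQL option file (~/.my.cnf) supplies read-only credentials so no password appears on a command line.

```python
import re
import shlex
import subprocess

# Names taken from the tables in SKILL.md; using them as allowlists is an assumption.
ALLOWED_DATABASES = {"dw", "data_warehouse"}
ALLOWED_TABLES = {"tr_user", "tr_order", "tr_store", "tr_client"}
MAX_ROWS = 50  # SKILL.md default LIMIT
_IDENT = re.compile(r"[A-Za-z_][A-Za-z0-9_]{0,63}")


def build_select(table, columns=("*",), limit=MAX_ROWS):
    """Build a SELECT from validated identifiers only; no free-form SQL."""
    if table not in ALLOWED_TABLES:
        raise ValueError(f"table not on allowlist: {table!r}")
    for col in columns:
        if col != "*" and not _IDENT.fullmatch(col):
            raise ValueError(f"invalid column name: {col!r}")
    limit = max(1, min(int(limit), MAX_ROWS))  # clamp to 1..50
    cols = ", ".join(c if c == "*" else f"`{c}`" for c in columns)
    return f"SELECT {cols} FROM `{table}` LIMIT {limit};"


def build_ssh_argv(database, host="datax"):
    """argv list for subprocess; the remote command holds only allowlisted values."""
    if database not in ALLOWED_DATABASES:
        raise ValueError(f"database not on allowlist: {database!r}")
    # ssh hands its command to the remote shell as one string, so quote it.
    return ["ssh", host, shlex.join(["mysql", "--batch", database])]


def run_query(database, table, columns=("*",), limit=MAX_ROWS):
    """Run the query; the SQL travels on stdin, never inside a shell string."""
    sql = build_select(table, columns, limit)
    done = subprocess.run(build_ssh_argv(database), input=sql, text=True,
                          capture_output=True, check=True, timeout=30)
    return done.stdout
```

Client-side checks like these complement, and do not replace, a MySQL account that is granted SELECT only on the intended databases.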
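Related files
- Skill location: ~/.openclaw/workspace/skills/dev-machine-database/SKILL.md
- Script location: ~/.openclaw/workspace/skills/dev-machine-database/query_db.py
- Config location: ~/.openclaw/workspace/TOOLS.md (dev machine configuration)
Changelog
2026-03-04
- ✅ Created the skill
- ✅ MySQL query support
- ✅ Integrated sending to Feishu
- ✅ Support for multiple trigger phrases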
