Django Claw

This skill largely matches its description, but there are a few things to consider before installing: - Gateway config modification: The setup script injects DJANGO_* env vars into ~/.openclaw/openclaw.json (the gateway config). That changes a central config file, not just the skill's own directory. If you don't want global env changes, do not run the setup wizard or review/disable the injection lines in setup.sh first. - Arbitrary code execution: The shell/run-query feature intentionally runs arbitrary Python inside your Django project. This is required for the skill's purpose, but it also means any code executed (including by an agent) can read/write data, secrets, or exfiltrate information. The script blocks some keywords via grep, but that is not a foolproof sanitizer. - Interactive setup auto-run: If the skill is invoked without config, load-config.sh will run setup.sh automatically. That can lead to interactive prompts or unexpected writes during automated agent runs. Consider pre-configuring ~/.openclaw/skills/django-claw/config.json manually before granting agent access. - Audit the files: Review setup.sh, load-config.sh, and run-query.sh before use. If you accept the skill, run the setup in a safe/test environment and inspect ~/.openclaw/openclaw.json after setup. - Production caution: For production targets, enable read-only mode (django-claw readonly on) to block migrate/makemigrations/shell; still assume read-only does not prevent data reads. Avoid allowing autonomous model invocation for sensitive production projects unless you fully trust the skill and its maintainer. - Additional information that would raise confidence: an official homepage or repository with maintainer identity, a reason why gateway env injection is necessary (and a toggle to disable it), stronger/sandboxed protections for run-query, and non-interactive setup options for automated environments.