Migration Architect
v2.1.1Migration Architect
⭐ 0· 648·5 current·5 all-time
byAlireza Rezvani@alirezarezvani
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description, README, SKILL.md, sample assets, and the three scripts (migration_planner.py, compatibility_checker.py, rollback_generator.py) all match the declared migration/rollback planning purpose. There are no declared env vars, binaries, or config paths that are unrelated to migrations.
Instruction Scope
SKILL.md and README describe generating plans, compatibility reports, and rollback runbooks and show CLI usage that operates on local JSON/schema files. That scope is appropriate. Note: the documentation and expected outputs include SQL snippets and commands (pg_restore, DROP TABLE, SELECT queries). The skill does not declare how database credentials or connections are supplied; running the scripts in practice will require database access and may perform destructive operations if run against live systems.
Install Mechanism
No install spec (instruction-only at registry level) and ships with plain Python scripts and docs. No downloads from external or untrusted URLs are specified. This is low-risk from an install mechanism perspective; code will exist on disk as part of the skill bundle but is not auto-downloaded at install time.
Credentials
The skill declares no required environment variables or credentials, which is consistent with the provided docs that operate on local input files. However, practical use (executing generated SQL, running pg_restore, integrating with databases, CI/CD, monitoring, or Slack/PagerDuty) will require credentials and external integration configuration that the skill does not declare. Users should supply those credentials at runtime in a controlled manner and avoid exposing broad secrets to the agent.
Persistence & Privilege
always is false, autonomous invocation is allowed (default) and appropriate for a user-invocable engineering tool. The skill does not request elevated platform privileges or claim to modify other skills' configs.
Assessment
This skill bundle appears coherent for migration planning and rollback generation, but it includes scripts and runbooks that produce SQL and shell commands which can be destructive if executed against production. Before using: 1) Review the Python scripts (migration_planner.py, compatibility_checker.py, rollback_generator.py) to understand any shell calls or automatic execution paths. 2) Do not run the scripts against production databases without verifying credentials, backups, and a safe test/staging environment. 3) Provide database credentials and integration tokens only to processes you control (avoid pasting secrets into an agent prompt). 4) Run the tools in an isolated environment (CI sandbox or developer VM) and inspect generated SQL/rollback runbooks before applying. If you want, I can scan the full source of the three scripts for potential shell-exec, network calls, or other risky patterns — that would improve confidence further.Like a lobster shell, security has layers — review code before you run it.
latestvk9783c6aprbqf1whw8wvm1hqz182ngz3
License
MIT-0
Free to use, modify, and redistribute. No attribution required.