ClawHub

MSSQL

v1.0.2

Execute SQL Server queries and export results as delimiter-separated text. Use when the user asks to fetch, insert, update, or manage data in Microsoft SQL S...

0· 215·1 current·2 all-time
byUmbra@mohamed-hammane

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for mohamed-hammane/mssql.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "MSSQL" (mohamed-hammane/mssql) from ClawHub.
Skill page: https://clawhub.ai/mohamed-hammane/mssql
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required env vars: MSSQL_HOST, MSSQL_DB, MSSQL_USER, MSSQL_PASSWORD
Required binaries: sqlcmd
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install mssql

ClawHub CLI

Package manager switcher

npx clawhub@latest install mssql
Security Scan
Capability signals
CryptoCan make purchases
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name, description, required binaries (sqlcmd), and required env vars (MSSQL_HOST, MSSQL_DB, MSSQL_USER, MSSQL_PASSWORD) align with a tool that runs Microsoft SQL Server queries and exports delimiter-separated output. No unrelated services, credentials, or binaries are requested.
Instruction Scope
The SKILL.md and script keep scope to SQL Server operations. The script sources a credentials file (~/.openclaw/credentials/mssql.env) which is expected for DB access, and it can read SQL from a user-specified file path (--file). Sourcing the env file means if that file contains malicious shell code it would be executed; this is an operational risk (not mismatch) and should be mitigated by protecting the file and its contents. The script also exports MSSQL_PASSWORD into SQLCMDPASSWORD (to avoid showing it on the process command line) — expected behavior for sqlcmd usage.
Install Mechanism
No install spec is provided (instruction-only plus a small script), so nothing is downloaded or written during install by the skill itself. Requiring sqlcmd to be present is appropriate and proportionate.
Credentials
The skill requests only the environment variables necessary for connecting to SQL Server (host, DB, user, password, optional port/encryption flags). The number and type of env vars are appropriate for the stated functionality. No unrelated credentials are requested.
Persistence & Privilege
always:false (default) and no install-time changes to other skills or system-wide settings are requested. The skill does not attempt to persist beyond its own files or change other skills' configuration.
Assessment
This skill appears to do what it says: run SQL Server queries via sqlcmd and emit delimiter-separated text. Before installing or using it, consider the following practical precautions: - Protect the credential file (~/.openclaw/credentials/mssql.env): it is sourced by the script, so it must contain only trusted variable assignments and be file-permission restricted (e.g., chmod 600). Because the script 'sources' the file, any shell commands in it would be executed. - Use least-privilege DB credentials: create a dedicated user with only the minimum permissions needed (ideally read-only for reporting tasks) to limit risk if credentials are compromised. - Review and control SQL you run: the script imposes no query-level restrictions — destructive statements (DELETE, DROP) will run if the DB user has rights. When allowing an automated agent to issue queries, limit scope and require user confirmation for privileged operations. - Secure transport and certificate options: the script supports encryption and a TRUST_CERT flag; prefer encrypted connections and only set trust-cert when you understand the implications. - Protect output files: the script can write query results to arbitrary paths via --out; ensure downstream handling of those files does not leak sensitive data. - Confirm sqlcmd version and installation source: the script expects sqlcmd v18+; install from official Microsoft packages for your platform. Given the above operational precautions, the skill is internally consistent and appropriate for its described purpose.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

DB Clawdis
Binssqlcmd
EnvMSSQL_HOST, MSSQL_DB, MSSQL_USER, MSSQL_PASSWORD
latestvk975wgwarf0w7fd29h7tcpz5th8478fa
215downloads
0stars
3versions
Updated 3w ago
v1.0.2
MIT-0
Umbra@mohamed-hammane
latest
Download

MSSQL

Run SQL Server queries using scripts/mssql_query.sh.

Quick start

  1. Ensure credentials exist at: ~/.openclaw/credentials/mssql.env
  2. Run a query: bash skills/mssql/scripts/mssql_query.sh --query "SELECT TOP 20 name FROM sys.tables"
  3. Save to file: bash skills/mssql/scripts/mssql_query.sh --query "SELECT TOP 100 * FROM dbo.MyTable" --out /tmp/mytable.dsv

Credentials format

Expected env vars in ~/.openclaw/credentials/mssql.env:

  • MSSQL_HOST
  • MSSQL_DB
  • MSSQL_USER
  • MSSQL_PASSWORD
  • Optional: MSSQL_PORT (default 1433), MSSQL_ENCRYPT (yes/no, default yes), MSSQL_TRUST_CERT (yes/no, default no), SQLCMD_BIN

The credential file path can be overridden with the MSSQL_ENV_FILE environment variable.

Permissions

Query permissions are controlled entirely at the SQL Server user level. The script does not impose any restrictions on query type — the database user's grants determine what is allowed.

Database reference map

Place your database map at references/DB_MAP.md inside this skill folder. This file tells the agent which databases, schemas, and tables to use and how they relate to each other.

See references/DB_MAP.example.md for the expected format.

Useful patterns

  • Run long query from file: bash skills/mssql/scripts/mssql_query.sh --file /path/query.sql --out /tmp/out.dsv
  • Override database: bash skills/mssql/scripts/mssql_query.sh --db OtherDB --query "SELECT TOP 10 * FROM dbo.Users"
  • Change delimiter: bash skills/mssql/scripts/mssql_query.sh --query "SELECT ..." --delim ","
  • Increase timeout: bash skills/mssql/scripts/mssql_query.sh --query "SELECT ..." --timeout 180

Output format

Output is delimiter-separated text, not RFC 4180 CSV. Fields are not quoted or escaped. This works well for structured numeric and short-text data. If your columns contain embedded delimiters, quotes, or newlines, the output may be malformed — choose a delimiter that does not appear in the data, or post-process the output.

Best practices

  • Prefer explicit columns over SELECT *.
  • Use TOP for exploratory samples.
  • Keep queries scoped to the user request.
  • Answer in business language by default; provide SQL details when requested.
  • Never print or expose credentials in responses.

Troubleshooting

  • sqlcmd not found -> install sqlcmd v18+ or set SQLCMD_BIN.
  • TLS/certificate issues on internal networks -> set MSSQL_TRUST_CERT=yes in your credentials file. The default is no (certificate validation enabled).

Comments

Loading comments...