ClawHub

SurrealDB 3

v1.3.1

Expert SurrealDB 3 architect and developer skill. SurrealQL mastery, multi-model data modeling (document, graph, vector, time-series, geospatial), schema des...

3· 743·1 current·1 all-time
byBasit Mustafa@24601
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
CryptoRequires walletRequires OAuth token
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (SurrealDB architect/developer) match the declared binaries (surreal, python3, uv), the SURREAL_* environment variables, and the shipped scripts (doctor.py, schema.py, onboard.py, schema tooling). Optional tooling (docker, gh) is documented as optional and aligns with deployment and repo-checking use-cases.
Instruction Scope
SKILL.md instructs the agent to run local health checks, schema introspection, and onboarding scripts that connect only to a user-specified SurrealDB endpoint (WebSocket/HTTP). Scripts that perform network calls or write files are documented (doctor.py/schema.py connect to endpoint; schema.py can export files; onboard.py may write a .env only after user confirmation). There are no instructions that require reading or exfiltrating unrelated system files or secrets.
Install Mechanism
Install uses Homebrew formulas (surrealdb/tap/surreal and uv). Homebrew is an auditable package manager; no remote download-and-extract or opaque binary blobs are used. The install spec is proportionate to the skill's needs (providing the SurrealDB CLI and the uv runner).
Credentials
Required environment variables are SURREAL_ENDPOINT, SURREAL_USER, SURREAL_PASS, SURREAL_NS, SURREAL_DB — all directly relevant to connecting to a SurrealDB instance. Sensitive flags are applied to user/password. No unrelated tokens or broad credentials are requested.
Persistence & Privilege
The skill is not force-included (always: false) and does not request elevated platform privileges. It may write schema export files or a local .env only in the narrow, documented cases. It does not modify other skills or system-wide agent settings.
Assessment
This skill appears to do what it says: SurrealDB tooling and agent-facing documentation/scripts. Before installing, verify you will use scoped, least-privilege SURREAL_USER/SURREAL_PASS credentials (avoid root/root on production), and only point the scripts at endpoints you control. Review scripts if you plan to run them against production (schema export, doctor checks) and confirm you explicitly opt in before allowing onboard.py to write a .env. Installing via Homebrew is preferable; if you must install from other sources, verify the upstream repository and formulas first. If you use check_upstream.py, note it invokes gh (GitHub CLI) and may query GitHub; install gh only if you trust that behavior and be mindful of any configured gh auth token on your machine.

Like a lobster shell, security has layers — review code before you run it.

ai-agentsvk97a4vdang8df7htq8cdntmwzd84kmhgdatabasevk97a4vdang8df7htq8cdntmwzd84kmhggraphvk97a4vdang8df7htq8cdntmwzd84kmhglatestvk97a4vdang8df7htq8cdntmwzd84kmhgopenclawvk97a4vdang8df7htq8cdntmwzd84kmhgsurrealdbvk97a4vdang8df7htq8cdntmwzd84kmhgvectorvk97a4vdang8df7htq8cdntmwzd84kmhg

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Binssurreal, python3, uv
EnvSURREAL_ENDPOINT, SURREAL_USER, SURREAL_PASS, SURREAL_NS, SURREAL_DB
Primary envSURREAL_PASS

Install

Homebrew
Bins: surreal
brew install surrealdb/tap/surreal
Homebrew
Bins: uv
brew install uv

Comments