SQL Database Toolkit
Review
Audited by ClawScan on May 10, 2026.
Overview
The toolkit appears purpose-aligned for SQL analysis, but it can execute SQL against real databases without clear read-only or confirmation limits.
Review this skill before installing if you will connect it to important databases. Use a sandbox or read-only account first, inspect the Python dependencies, and require manual approval for any SQL that changes data or database structure.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If connected with write-capable credentials, generated or user-provided SQL could change, delete, lock, or otherwise affect real database data.
The skill is designed to generate and execute SQL, but the artifacts do not define read-only limits, confirmation requirements, transaction safety, or restrictions on high-impact SQL.
SQL query execution: natural language to SQL, SQL execution and optimization, query result analysis
Use a read-only database account by default, require explicit user confirmation for INSERT/UPDATE/DELETE/DDL/admin commands, and test queries on non-production data first.
Using an admin database account gives the tool more authority than is usually needed for analysis.
The database connection example uses username/password credentials and shows a privileged `root` account, which is expected for a database toolkit but should be scoped carefully.
username="root", password="xxx", database="sales_db"
Create a least-privilege account, preferably read-only for analysis workflows, and avoid using root/admin credentials unless absolutely necessary.
Installing dependencies can add third-party code to the user’s environment.
The skill requires Python dependency installation. This is normal for the stated purpose, but dependency installation should be reviewed because the registry source is unknown and there is no install spec.
pip install -r requirements.txt
Inspect `requirements.txt`, install in a virtual environment, and pin/audit dependencies before using the toolkit on sensitive systems.
Chart rendering code could execute JavaScript in the rendering context, especially if users paste or generate untrusted chart scripts.
The reference documentation describes executing JavaScript through a canvas eval action for chart rendering. This is purpose-aligned, but it is still dynamic code execution.
Executes JavaScript through the `eval` action of the `canvas` tool to render Chart.js charts.
Use trusted chart templates, avoid inserting unsanitized data into JavaScript, and prefer saved static outputs for sensitive data.
