Skill v1.0.1
ClawScan security
SQL Master · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 27, 2026, 10:31 AM
- Verdict: benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's code, documentation, and runtime instructions are consistent with a SQL-focused assistant that can generate SQL, connect to databases, load local files, and produce visualizations — nothing in the provided materials indicates deliberate misdirection, but you should review dependencies and avoid giving high-privilege credentials to untrusted code.
- Guidance: This skill appears to do what it says: generate and optimize SQL, connect to databases, load local files, and build charts/reports. Before installing:
  1. Inspect requirements.txt to see which Python packages will be installed and whether any network-capable packages are included.
  2. Prefer running installation inside an isolated virtualenv/container.
  3. Never paste high-privilege production credentials into examples; create a read-only or limited user for testing.
  4. If you plan to allow the skill to connect to databases or local files, review the scripts (database_connector.py, file_connector.py, unified_pipeline.py) for any unexpected network calls or uploads.
  5. Because the package owner is unknown and there is no formal install spec in the registry metadata, exercise standard caution (sandbox install, review third-party dependencies).
  If you can share the requirements.txt and the full content of the connector scripts, I can re-check for network endpoints, hard-coded secrets, or suspicious behavior and raise the confidence of this assessment.
Review Dimensions
- Purpose & Capability (ok): Name/description, SKILL.md, and included scripts (database_connector.py, file_connector.py, pipeline modules and many SQL reference docs) align: the skill implements SQL generation/diagnosis, local file loading, DB connectors and pipeline orchestration for visualization/reporting. The declared capabilities reasonably explain the included files.
- Instruction Scope (note): Runtime instructions focus on installing Python dependencies and using the provided pipeline and connectors. They explicitly enable reading local files (CSV/Excel/SQLite) and connecting to databases when the user supplies connection parameters. The SKILL.md does not instruct the agent to read unrelated system config or to transmit data to unknown external endpoints. Note: the documentation expects the user/agent to provide DB credentials at call time (via function args), so credential handling happens at runtime and is not declared as environment requirements.
- Install Mechanism (note): No formal install spec was declared in the metadata, but SKILL.md tells users to run 'skillhub_install install_skill sql-master' or 'pip install -r requirements.txt'. The code bundle includes a requirements.txt (contents not shown). This is a common pattern; the risk is the usual pip dependency risk (third-party packages may be pulled). There are no obvious download-from-URL or archive-extract instructions in the provided materials.
- Credentials (ok): The registry metadata does not request environment variables or credentials. The skill requires credentials only when the user chooses to connect to a DB (credentials are provided as function parameters in examples). This is proportionate to its purpose. Users should avoid supplying production/high-privilege credentials to untrusted skills.
- Persistence & Privilege (ok): The skill does not request always:true, does not declare privileged persistence, and does not attempt to modify other skills/configs in the provided docs. It runs as an optional skill and expects explicit invocation or user-supplied actions.
