ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

database

v1.0.0

Connect to Supabase for database operations, vector search, and storage. Use for storing data, running SQL queries, similarity search with pgvector, and mana...

0· 61·0 current·0 all-time
by@tobeyrebecca

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for tobeyrebecca/godfery-database.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "database" (tobeyrebecca/godfery-database) from ClawHub.
Skill page: https://clawhub.ai/tobeyrebecca/godfery-database
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required env vars: SKILLBOSS_API_KEY
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Canonical install target

openclaw skills install tobeyrebecca/godfery-database

ClawHub CLI

Package manager switcher

npx clawhub@latest install godfery-database
Security Scan
Capability signals
Requires sensitive credentials
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The skill's stated purpose (Supabase DB operations, vector search) matches the script's behavior, but the registry's declared required env vars list only SKILLBOSS_API_KEY while the script actually requires SUPABASE_URL and SUPABASE_SERVICE_KEY (a Supabase service role key with full access). That omission is an incoherence: a database tool legitimately needs Supabase credentials, so the registry metadata should declare them.
!
Instruction Scope
SKILL.md and scripts instruct the agent to run scripts that: call Supabase REST/RPC endpoints using the service role key, run raw SQL via an exec_sql RPC, and call an external embedding service (https://api.heybossai.com/v1/pilot). The instructions reference and expect command-line tools (curl, jq) but the skill metadata did not declare these runtime dependencies. The script will transmit user query text to a third‑party embedding API — expected for vector search but worth noting.
Install Mechanism
There is no installer or external download; the skill is instruction-plus-included-script (scripts/supabase.sh). No network-based installer or archive extraction is present, which reduces install-time risk. The script itself will be installed as a file in the skill bundle.
!
Credentials
The script requires SUPABASE_SERVICE_KEY (service role key — full DB access) and SUPABASE_URL in addition to SKILLBOSS_API_KEY. The registry only lists SKILLBOSS_API_KEY. Requesting a Supabase service role key is high privilege for a skill; the credentials requested are broader than what the registry declares. Additionally, the script expects jq and curl but the declared required binaries are none.
Persistence & Privilege
always is false (good). The skill allows autonomous invocation (disable-model-invocation: false), which is the platform default. Combined with a Supabase service role key, autonomous invocation increases blast radius (an agent could run arbitrary queries in the DB). This is not a configuration error by itself, but users should be aware of the risk of giving an agent a full‑privilege DB key.
What to consider before installing
This skill implements a Supabase CLI and will need: SUPABASE_URL and a SUPABASE_SERVICE_KEY (service role key) plus SKILLBOSS_API_KEY for embeddings, and command-line tools like curl and jq. The registry metadata only declared SKILLBOSS_API_KEY, which is inconsistent — confirm the required environment variables before installing. Because the script uses a Supabase service role key (full access), only install if you trust the skill and are willing to grant full DB access; prefer creating a least-privilege API key or using row-level security and limited roles. Also verify you are comfortable sending text to the external embedding endpoint (api.heybossai.com). If you can't provide a limited key or audit the skill fully, treat this as high-risk and avoid granting service-role credentials or allowing autonomous invocation.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

EnvSKILLBOSS_API_KEY
aivk97e2vc9849fwyrsjh7pp6nkjd84zwfjlatestvk97e2vc9849fwyrsjh7pp6nkjd84zwfj
61downloads
0stars
1versions
Updated 1w ago
v1.0.0
MIT-0
@tobeyrebecca
ailatest
Download

Supabase CLI

Interact with Supabase projects: queries, CRUD, vector search, and table management.

Setup

# Required
export SUPABASE_URL="https://yourproject.supabase.co"
export SUPABASE_SERVICE_KEY="eyJhbGciOiJIUzI1NiIs..."

# Required: SkillBoss API Hub key (for vector embeddings via /v1/pilot)
export SKILLBOSS_API_KEY="your-skillboss-api-key"

# Optional: for management API
export SUPABASE_ACCESS_TOKEN="sbp_xxxxx"

Quick Commands

# SQL query
{baseDir}/scripts/supabase.sh query "SELECT * FROM users LIMIT 5"

# Insert data
{baseDir}/scripts/supabase.sh insert users '{"name": "John", "email": "john@example.com"}'

# Select with filters
{baseDir}/scripts/supabase.sh select users --eq "status:active" --limit 10

# Update
{baseDir}/scripts/supabase.sh update users '{"status": "inactive"}' --eq "id:123"

# Delete
{baseDir}/scripts/supabase.sh delete users --eq "id:123"

# Vector similarity search
{baseDir}/scripts/supabase.sh vector-search documents "search query" --match-fn match_documents --limit 5

# List tables
{baseDir}/scripts/supabase.sh tables

# Describe table
{baseDir}/scripts/supabase.sh describe users

Commands Reference

query - Run raw SQL

{baseDir}/scripts/supabase.sh query "<SQL>"

# Examples
{baseDir}/scripts/supabase.sh query "SELECT COUNT(*) FROM users"
{baseDir}/scripts/supabase.sh query "CREATE TABLE items (id serial primary key, name text)"
{baseDir}/scripts/supabase.sh query "SELECT * FROM users WHERE created_at > '2024-01-01'"

select - Query table with filters

{baseDir}/scripts/supabase.sh select <table> [options]

Options:
  --columns <cols>    Comma-separated columns (default: *)
  --eq <col:val>      Equal filter (can use multiple)
  --neq <col:val>     Not equal filter
  --gt <col:val>      Greater than
  --lt <col:val>      Less than
  --like <col:val>    Pattern match (use % for wildcard)
  --limit <n>         Limit results
  --offset <n>        Offset results
  --order <col>       Order by column
  --desc              Descending order

# Examples
{baseDir}/scripts/supabase.sh select users --eq "status:active" --limit 10
{baseDir}/scripts/supabase.sh select posts --columns "id,title,created_at" --order created_at --desc
{baseDir}/scripts/supabase.sh select products --gt "price:100" --lt "price:500"

insert - Insert row(s)

{baseDir}/scripts/supabase.sh insert <table> '<json>'

# Single row
{baseDir}/scripts/supabase.sh insert users '{"name": "Alice", "email": "alice@test.com"}'

# Multiple rows
{baseDir}/scripts/supabase.sh insert users '[{"name": "Bob"}, {"name": "Carol"}]'

update - Update rows

{baseDir}/scripts/supabase.sh update <table> '<json>' --eq <col:val>

# Example
{baseDir}/scripts/supabase.sh update users '{"status": "inactive"}' --eq "id:123"
{baseDir}/scripts/supabase.sh update posts '{"published": true}' --eq "author_id:5"

upsert - Insert or update

{baseDir}/scripts/supabase.sh upsert <table> '<json>'

# Example (requires unique constraint)
{baseDir}/scripts/supabase.sh upsert users '{"id": 1, "name": "Updated Name"}'

delete - Delete rows

{baseDir}/scripts/supabase.sh delete <table> --eq <col:val>

# Example
{baseDir}/scripts/supabase.sh delete sessions --lt "expires_at:2024-01-01"

vector-search - Similarity search with pgvector

{baseDir}/scripts/supabase.sh vector-search <table> "<query>" [options]

Options:
  --match-fn <name>     RPC function name (default: match_<table>)
  --limit <n>           Number of results (default: 5)
  --threshold <n>       Similarity threshold 0-1 (default: 0.5)
  --embedding-model <m> Model for query embedding (default: uses SkillBoss API Hub)

# Example
{baseDir}/scripts/supabase.sh vector-search documents "How to set up authentication" --limit 10

# Requires a match function like:
# CREATE FUNCTION match_documents(query_embedding vector(1536), match_threshold float, match_count int)

tables - List all tables

{baseDir}/scripts/supabase.sh tables

describe - Show table schema

{baseDir}/scripts/supabase.sh describe <table>

rpc - Call stored procedure

{baseDir}/scripts/supabase.sh rpc <function_name> '<json_params>'

# Example
{baseDir}/scripts/supabase.sh rpc get_user_stats '{"user_id": 123}'

Vector Search Setup

1. Enable pgvector extension

CREATE EXTENSION IF NOT EXISTS vector;

2. Create table with embedding column

CREATE TABLE documents (
  id bigserial PRIMARY KEY,
  content text,
  metadata jsonb,
  embedding vector(1536)
);

3. Create similarity search function

CREATE OR REPLACE FUNCTION match_documents(
  query_embedding vector(1536),
  match_threshold float DEFAULT 0.5,
  match_count int DEFAULT 5
)
RETURNS TABLE (
  id bigint,
  content text,
  metadata jsonb,
  similarity float
)
LANGUAGE plpgsql
AS $$
BEGIN
  RETURN QUERY
  SELECT
    documents.id,
    documents.content,
    documents.metadata,
    1 - (documents.embedding <=> query_embedding) AS similarity
  FROM documents
  WHERE 1 - (documents.embedding <=> query_embedding) > match_threshold
  ORDER BY documents.embedding <=> query_embedding
  LIMIT match_count;
END;
$$;

4. Create index for performance

CREATE INDEX ON documents
USING ivfflat (embedding vector_cosine_ops)
WITH (lists = 100);

Environment Variables

VariableRequiredDescription
SUPABASE_URLYesProject URL (https://xxx.supabase.co)
SUPABASE_SERVICE_KEYYesService role key (full access)
SUPABASE_ANON_KEYNoAnon key (restricted access)
SUPABASE_ACCESS_TOKENNoManagement API token
SKILLBOSS_API_KEYYesSkillBoss API Hub key (for generating embeddings via /v1/pilot)

Notes

  • Service role key bypasses RLS (Row Level Security)
  • Use anon key for client-side/restricted access
  • Vector search requires pgvector extension
  • Embeddings generated via SkillBoss API Hub /v1/pilot (type: embedding), compatible with 1536-dimension pgvector columns

Comments

Loading comments...