ClawHub

TiDB Cloud Zero

v1.3.0

Provision a disposable MySQL-compatible database instantly for free, no auth required. Includes a claim URL to convert Zero instances into regular TiDB Start...

0· 392·2 current·2 all-time
by@zoubingwu
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description claim (provisioning ephemeral MySQL-compatible TiDB Zero instances) matches the SKILL.md API call, network requirements, and references to MySQL clients. No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
The instructions are limited to calling the public API and connecting with standard MySQL clients. The included reference docs additionally show how to configure BYOK model keys via TiDB globals (SQL SET @@GLOBAL... examples). That is expected for auto-embedding functionality but is an operational/privacy consideration (it instructs storing provider API keys in the DB environment if users choose BYOK).
Install Mechanism
Instruction-only skill with no install spec, no downloads, and no code files — minimal surface area and nothing written to disk by the skill itself.
Credentials
The skill declares no required environment variables or credentials, which matches the unauthenticated API described. However, reference docs describe BYOK usage that would require external API keys (OpenAI, Cohere) and examples for setting them as TiDB global variables — these are optional but users should not assume the skill will handle or need those keys by default.
Persistence & Privilege
Skill does not request persistent presence (always:false), does not modify other skills or system settings, and has no install-time privileges.
Assessment
This skill is a documentation/instruction pack for using TiDB Cloud Zero and is internally consistent with that purpose. Before installing or using it: verify the API hostname (zero.tidbapi.com / zero.tidbcloud.com) is the legitimate provider you expect; avoid placing sensitive or regulated data into ephemeral, unauthenticated databases (instances are public and auto-expire); if you use auto-embedding BYOK, prefer secure secret management rather than embedding long-lived provider API keys into SQL globals; and if you want to keep an instance, follow the claimUrl process before expiresAt. If you have doubts about the endpoint's legitimacy, test with non-sensitive data first.

Like a lobster shell, security has layers — review code before you run it.

latestvk974enxs8yh6yt0eck5110jsxn82n3dm

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments