← Back to Skills Marketplace
callxor

PostgreSQL Database

by callxor · GitHub ↗ · v1.0.3 · MIT-0
cross-platform ⚠ suspicious
218
Downloads
1
Stars
0
Active Installs
4
Versions
Install in OpenClaw
/install postgresql-db
Description
PostgreSQL 数据库操作技能。支持连接管理、表结构查询、CRUD 操作、备份恢复、pgvector 向量查询。使用 psql 命令行工具,适合生产环境数据库运维和开发查询。
Usage Guidance
This skill is functionally coherent with a PostgreSQL admin/utility but there are a few red flags to consider before installing: - Metadata mismatch: The skill's registry entry lists no required env vars or binaries, but the documentation and scripts require psql (and DB credentials). Treat this as a packaging/metadata bug; ask the publisher to declare required env vars and binaries. - Secrets handling: The skill will source .env and/or read ~/.pgpass. Ensure those files contain only the intended DB credentials and no unrelated secrets. Prefer a least-privilege, read-only user when possible for query operations. - Arbitrary SQL: The skill (and its scripts) execute user-provided SQL. Only run in trusted environments and avoid feeding untrusted SQL. - Backups: The backup script writes files to a backups/ directory and deletes files older than 7 days. Make sure backup storage is secure (encryption/ACLs) and confirm retention policy fits your needs. What would change the assessment to benign: the publisher updating registry metadata to explicitly declare required env vars and required binaries (psql/pg_dump), and an explicit statement that scripts do not transmit data off-host. If you cannot confirm those, treat the skill as operationally useful but proceed with caution.
Capability Analysis
Type: OpenClaw Skill Name: postgresql-db Version: 1.0.3 The skill bundle provides standard PostgreSQL database management utilities, including querying, backup, and CSV export. The scripts (db_backup.sh, db_export_csv.sh, db_query.sh) and documentation (SKILL.md) align with the stated purpose of database administration. While the scripts use the PGPASSWORD environment variable in a way that could potentially expose credentials to other local users via process listings, this is a common implementation flaw rather than evidence of malicious intent. No indicators of data exfiltration, unauthorized remote access, or prompt injection were found.
Capability Assessment
Purpose & Capability
SKILL.md and included scripts clearly require PostgreSQL client tools (psql, optionally pg_dump) and DB credentials (DB_HOST, DB_PORT, DB_NAME, DB_USER, DB_PASSWORD or ~/.pgpass). The skill metadata however declares no required env vars or binaries — this mismatch is unexpected and should be corrected.
Instruction Scope
Runtime instructions explicitly tell the agent to read .env or ~/.pgpass, write backups to local disk, and execute user-supplied SQL. Those actions are within the stated purpose (DB administration) but executing arbitrary SQL and sourcing .env grants broad access to whatever environment variables are present — the SKILL.md warns about this but leaves execution decisions to the operator.
Install Mechanism
No install spec (instruction-only) and the shipped scripts are simple shell helpers; nothing in the package downloads external code. This is lower risk than a remote install, but the agent environment must have psql available.
Credentials
The skill needs database credentials to function (and the SKILL.md names DB_HOST/DB_PORT/DB_NAME/DB_USER/DB_PASSWORD), which is appropriate for a DB tool. However the registry metadata does not declare these environment variables or a primary credential, creating a transparency gap. Also sourcing .env can import unrelated secrets if present — users should ensure .env only contains DB-relevant values and use least-privilege DB accounts.
Persistence & Privilege
The skill does not request always:true and appears not to modify other skills or system-wide settings. It writes local backup files (as expected) and cleans up old backups per its script.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install postgresql-db
  3. After installation, invoke the skill by name or use /postgresql-db
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.3
- 明确了技能依赖的环境变量(DB_HOST, DB_PORT, DB_NAME, DB_USER, DB_PASSWORD)或 ~/.pgpass 文件存储凭证 - 调整描述说明,更突出凭证获取方式和环境变量配置要求 - 其他功能和使用方式保持不变
v1.0.2
- 优化和补充了技能描述,强调“需要数据库凭证”,并说明凭证读取方式。 - 说明本技能依赖 .env 或 ~/.pgpass 获取凭证,所有操作基于 psql 命令行工具执行。 - 进一步明确本技能适合生产环境数据库运维和开发查询场景。 - 未更改命令范例和实际操作说明,功能保持一致。
v1.0.1
- 增加了安全声明,明确所需权限和使用安全提示 - 指出敏感操作风险:访问数据库凭证、写备份到本地、执行用户 SQL - 强调仅在受信任环境、使用最小权限账户,并注意备份文件安全 - 其他内容未变
v1.0.0
zh_CN: v1.0.0 - 初始发布 核心功能 - 🔍 数据库查询(SELECT/INSERT/UPDATE/DELETE) - 📊 表结构查看(\d, \dt 等 psql 命令) - 💾 自动备份(保留 7 天) - 📁 CSV 导出 - 🔎 pgvector 向量相似度搜索 - 📈 性能监控(连接数/慢查询/锁) 包含脚本 - `db_query.sh` - SQL 查询工具 - `db_backup.sh` - 自动备份脚本 - `db_export_csv.sh` - CSV 导出工具 安全特性 - 密码使用环境变量(.env 文件) - 支持 ~/.pgpass 免密登录 - 无硬编码敏感信息 适用场景 - 生产环境数据库运维 - AI 应用向量查询 - 数据导出/备份 - 性能问题排查 配置示例 (.env 文件) ```bash DB_HOST=your-db-host.example.com DB_PORT=5432 DB_NAME=your_database DB_USER=your_user DB_PASSWORD=your_password en_US: v1.0.0 - Initial Release Core Features - 🔍 Database Query (SELECT/INSERT/UPDATE/DELETE) - 📊 Table Schema Inspection (\d, \dt, and other psql commands) - 💾 Automated Backup (7-day retention) - 📁 CSV Export - 🔎 pgvector Vector Similarity Search - 📈 Performance Monitoring (connections/slow queries/locks) Included Scripts - `db_query.sh` - SQL query tool - `db_backup.sh` - Automated backup script - `db_export_csv.sh` - CSV export tool Security Features - Password via environment variables (.env file) - Supports ~/.pgpass for passwordless login - No hardcoded sensitive information Use Cases - Production database operations - AI application vector queries - Data export/backup - Performance troubleshooting ## Configuration Example (.env file) bash DB_HOST=your-db-host.example.com DB_PORT=5432 DB_NAME=your_database DB_USER=your_user DB_PASSWORD=your_password
Metadata
Slug postgresql-db
Version 1.0.3
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 4
Frequently Asked Questions

What is PostgreSQL Database?

PostgreSQL 数据库操作技能。支持连接管理、表结构查询、CRUD 操作、备份恢复、pgvector 向量查询。使用 psql 命令行工具,适合生产环境数据库运维和开发查询。 It is an AI Agent Skill for Claude Code / OpenClaw, with 218 downloads so far.

How do I install PostgreSQL Database?

Run "/install postgresql-db" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is PostgreSQL Database free?

Yes, PostgreSQL Database is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does PostgreSQL Database support?

PostgreSQL Database is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created PostgreSQL Database?

It is built and maintained by callxor (@callxor); the current version is v1.0.3.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments