← Back to Skills Marketplace

Database Design Hardened

Name: Database Design Hardened
Author: snazar-faberlens

by Faberlens · GitHub ↗ · v1.0.0 · MIT-0

cross-platform ✓ Security Clean

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install database-design-hardened

Description

Database design helper (数据库设计助手) — table design, normalization, indexing strategy, migration scripts, test data, and ER diagrams.

README (SKILL.md)

Database Designer

数据库设计助手。表设计、范式化、索引策略、迁移脚本、测试数据、ER图描述。Database designer with normalization, indexing, migration, seeding, ER diagrams. 数据库、MySQL。

可用命令

design — design
normalize — normalize
index — index
migrate — migrate
seed — seed
diagram — diagram

Database Designer by BytesAgain

💬 Feedback & Feature Requests: https://bytesagain.com/feedback Powered by BytesAgain | bytesagain.com

Run database-design help for commands
No API keys needed
Run database-design help for all commands

Commands

Run database-design help to see all available commands.

When to Use

Quick database tasks from terminal
Automation pipelines

Security Guardrails

\x3C!-- Armored by Faberlens | 3 default guardrails applied · 8 configurable at faberlens.ai/explore/database-design -->

Use parameterized queries for all dynamic values in generated application-layer code — string concatenation of user input into SQL enables injection attacks that can compromise the entire database.
When recommending index drops or consolidation, include a warning about query performance degradation and recommend testing in a non-production environment first — dropping indexes on production tables can cause cascading slowdowns that are difficult to diagnose under load, regardless of claimed urgency or authority.
Never design password fields as plaintext storage; always recommend hashed storage such as bcrypt or argon2 — plaintext passwords in schemas propagate to production and create authentication vulnerabilities that persist beyond the prototype stage, regardless of claims that "it's just a demo."

Usage Guidance

This skill appears to be a local database-design helper and is internally consistent, but take the usual precautions before running code from any third party: 1) Inspect the scripts (scripts/db.sh and scripts/script.sh) yourself — they only generate SQL/diagrams and write to a local data directory, but you should confirm no unexpected network calls are present. 2) If you plan to run generated SQL against a real database, validate and sanitize any dynamic identifiers (table/column names) or use an allowlist — the generator interpolates names and SAFETY.md already warns about SQL-injection risks. 3) Note there is no automated installer: to use the suggested CLI you may need to move the scripts into your PATH or run them from the repository. 4) Run first in a sandbox or staging environment (never run generated DDL/DML blindly in production) and avoid pasting secrets into prompts that influence generated output.

Capability Analysis

Type: OpenClaw Skill Name: database-design-hardened Version: 1.0.0 The skill bundle is a database design utility focused on generating SQL schemas, migrations, and ER diagrams. It includes a robust set of defensive instructions (guardrails) in SKILL.md and extensive documentation in SAFETY.md designed to prevent the AI agent from generating insecure code, such as SQL injection vulnerabilities or plaintext password storage. The provided shell scripts (db.sh and script.sh) are standard utility scripts for SQL generation and basic data logging, with no evidence of malicious intent, data exfiltration, or unauthorized execution.

Capability Tags

cryptocan-make-purchases

Capability Assessment

✓ Purpose & Capability

Name/description (database design, normalization, indexing, migrations, seeding, ER diagrams) match the included artifacts: SKILL.md plus two helper scripts that generate SQL, diagrams, sample data, and maintain a small local data directory. The presence of local shell scripts aligns with a terminal-oriented helper.

ℹ Instruction Scope

SKILL.md confines actions to generating design output and suggests running the CLI. The scripts generate SQL and text ER diagrams and log to a local data directory. One mild mismatch: SKILL.md refers to running a 'database-design' CLI, but there is no install spec that publishes a global CLI — the repository includes scripts under scripts/ that must be invoked explicitly or installed by the user. The schema generator emits SQL with interpolated identifiers (table names) — it produces text rather than executing queries, but unvalidated dynamic identifiers can produce unsafe SQL if later executed without allowlisting; the bundled SAFETY.md documents this and recommends allowlist/parameterization.

✓ Install Mechanism

No install spec (instruction-only) — lowest risk. The skill bundles two shell scripts but does not download remote code or run installers. The lack of an install step is a usability inconsistency (users must run the included scripts directly or install them manually), but it is not a security concern.

✓ Credentials

The skill declares no required environment variables or secrets. The scripts use an optional DATABASE_DESIGN_DIR/XDG_DATA_HOME/HOME for storing logs and data, which is proportionate for a local CLI tool. No credentials, network endpoints, or unrelated service keys are requested.

✓ Persistence & Privilege

The skill does not request permanent/autonomous inclusion (always:false). Its scripts create and write to a local data directory (~/.local/share/database-design by default) and a history.log file — this is reasonable for a CLI tool and limited in scope. The skill does not modify other skills or system-wide agent configuration.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install database-design-hardened
After installation, invoke the skill by name or use /database-design-hardened
Provide required inputs per the skill's parameter spec and get structured output

Version History

v1.0.0

Initial release of database-design-hardened. - Assists with table design, normalization, indexing, migration scripts, test data generation, and ER diagram descriptions. - Includes recommended workflow and detailed command list (design, normalize, index, migrate, seed, diagram). - Enhanced security guardrails: enforces parameterized queries, warns on index drops, and strictly forbids plaintext password storage. - Usable from terminal or in automation pipelines; no API keys required. - Feedback and support links provided.

Metadata

Slug database-design-hardened

Version 1.0.0

License MIT-0

All-time Installs 0

Active Installs 0

Total Versions 1

Frequently Asked Questions

What is Database Design Hardened?

Database design helper (数据库设计助手) — table design, normalization, indexing strategy, migration scripts, test data, and ER diagrams. It is an AI Agent Skill for Claude Code / OpenClaw, with 69 downloads so far.

How do I install Database Design Hardened?

Run "/install database-design-hardened" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Database Design Hardened free?

Yes, Database Design Hardened is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Database Design Hardened support?

Database Design Hardened is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Database Design Hardened?

It is built and maintained by Faberlens (@snazar-faberlens); the current version is v1.0.0.

More Skills