← Back to Skills Marketplace
DB Smart Import
by
jarbcs1-prog
· GitHub ↗
· v1.0.0
· MIT-0
96
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install db-smart-importer
Description
Intelligent database import from .csv and .sql dumps into MySQL, MariaDB, and SQLite. Analyzes schemas, parses SQL dumps, suggests column mappings based on c...
README (SKILL.md)
DB Smart Importer
This skill provides a workflow for importing CSV and SQL dump files into MySQL, MariaDB, and SQLite databases with intelligent column mapping.
When to Use This Skill
- User needs to import CSV files into MySQL/MariaDB/SQLite
- User has a .sql dump file they want to execute
- Column names in source don't match destination (e.g., "email address" → "email")
- User wants automated mapping suggestions based on patterns
- Data migration between database tables
NEVER Do
- NEVER import directly without reviewing the suggested mappings first
- NEVER assume column types match — verify before import
- NEVER skip backing up the database before bulk imports
Workflow
Step 1: Analyze Source and Destination
Use analyze_schema.py to extract schema information from your source (CSV/SQL dump) and destination database.
Examples:
# Analyze CSV file
python scripts/analyze_schema.py csv /path/to/data.csv
# Analyze SQL dump file
python scripts/analyze_schema.py sql /path/to/dump.sql
# Analyze SQLite database
python scripts/analyze_schema.py sqlite /path/to/database.db
# Analyze MySQL/MariaDB database (requires mysql-connector-python)
python scripts/analyze_schema.py mysql localhost --user root --password secret --database mydb
Step 2: Get Column Mapping Suggestions
Once you have analyzed both source and destination, use map_columns.py to get mapping suggestions:
python scripts/map_columns.py '["account name", "email address"]' '["client", "email"]'
Step 3: Execute Import
After confirming mappings, use execute_import.py:
CSV Import to SQLite:
python scripts/execute_import.py csv /path/to/data.csv --db-type sqlite --db-path /path/db.db --table clients --mapping '{"email": "email", "name": "client"}'
CSV Import to MySQL/MariaDB:
python scripts/execute_import.py csv /path/to/data.csv --db-type mysql --host localhost --user root --password secret --database mydb --table clients --mapping '{"email": "email", "name": "client"}'
Execute SQL Dump:
# To SQLite
python scripts/execute_import.py sql /path/to/dump.sql --db-type sqlite --db-path /path/db.db
# To MySQL/MariaDB
python scripts/execute_import.py sql /path/to/dump.sql --db-type mysql --host localhost --user root --password secret --database mydb
Script Reference
| Script | Purpose |
|---|---|
| analyze_schema.py | Extract schema from MySQL/MariaDB/SQLite, parse SQL dumps, or sample CSV data |
| map_columns.py | Suggest column mappings using fuzzy pattern matching |
| execute_import.py | Import CSV into databases or execute SQL dump files |
Tips
- The mapper uses fuzzy matching: "phone" ≈ "contact_number" ≈ "phone_number"
- Providing sample data improves mapping accuracy
- Always review mappings before executing — automated suggestions aren't perfect
Usage Guidance
This skill appears to do what it claims, but it's powerful: it will execute SQL statements from dumps and write data to databases. Before using it, (1) never run SQL dumps or imports against production without a backup and review; (2) avoid passing passwords on the command line on multi-user systems (they appear in process listings); (3) validate table names and mappings — the scripts build SQL identifiers with string formatting and could misbehave if given untrusted names; (4) install mysql-connector-python only if you need MySQL support; and (5) inspect any dump files for destructive statements (DROP, DELETE, ALTER) before executing. If you need higher assurance, run the scripts in a sandbox or on a copy of your database first.
Capability Analysis
Type: OpenClaw Skill
Name: db-smart-importer
Version: 1.0.0
The skill contains critical SQL injection vulnerabilities in scripts/execute_import.py, where table names and column mappings are inserted directly into SQL strings using f-strings without sanitization. While the tool's logic aligns with its stated purpose of database migration, these flaws allow for arbitrary SQL execution if a user provides malicious input. No evidence of intentional malice, data exfiltration, or obfuscation was detected.
Capability Assessment
Purpose & Capability
Name, description, and included scripts (analyze_schema.py, map_columns.py, execute_import.py) align with the stated functionality (analyzing CSV/SQL, suggesting mappings, and importing into SQLite/MySQL). There are no unrelated environment variables, external endpoints, or unexpected binaries requested.
Instruction Scope
SKILL.md instructs the agent to read local CSV/SQL files and connect to local/remote databases and explicitly warns to review mappings and backup databases first — this matches the scripts. Note: execute_import.py will execute every SQL statement from a dump (split naively on ';'), so running it will perform arbitrary SQL operations against the target DB as intended; users must ensure they want that. The scripts also accept DB credentials on the command line (examples show --password), which is expected but exposes passwords on process lists.
Install Mechanism
Instruction-only with no install spec. The only optional dependency is mysql-connector-python, which the code imports conditionally and reports clearly if missing. No downloads or external installers are used.
Credentials
The skill declares no required environment variables or secrets. The scripts accept DB credentials as CLI args (host/user/password) which is appropriate for database access. No unrelated credentials or config paths are requested.
Persistence & Privilege
always is false; the skill does not request persistent or privileged system presence and does not modify other skills or system agent configuration.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install db-smart-importer - After installation, invoke the skill by name or use
/db-smart-importer - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of db-smart-importer: import CSV and SQL dumps into MySQL, MariaDB, and SQLite with smart schema analysis and column mapping.
- Import data from CSV and .sql files into MySQL, MariaDB, or SQLite databases.
- Analyze source and destination schemas for informed mapping.
- Suggest column mappings using content-based pattern matching.
- Support data migration and SQL dump parsing workflows.
- Scripts for schema analysis, mapping suggestions, and executing imports included.
- Strongly emphasizes user review of mappings and database backup before changes.
Metadata
Frequently Asked Questions
What is DB Smart Import?
Intelligent database import from .csv and .sql dumps into MySQL, MariaDB, and SQLite. Analyzes schemas, parses SQL dumps, suggests column mappings based on c... It is an AI Agent Skill for Claude Code / OpenClaw, with 96 downloads so far.
How do I install DB Smart Import?
Run "/install db-smart-importer" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is DB Smart Import free?
Yes, DB Smart Import is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does DB Smart Import support?
DB Smart Import is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created DB Smart Import?
It is built and maintained by jarbcs1-prog (@jarbcs1-prog); the current version is v1.0.0.
More Skills