Sql Audit by LoveNerverMore · GitHub · v1.0.0 · MIT-0
239 Downloads · 0 Stars · 1 Active Installs · 1 Versions
Install in OpenClaw: /install sql-audit
Description
SQL syntax and security audit; it actually executes the SQL and returns the resulting data.
Usage Guidance
This skill will actually run SQL against whatever database credentials you provide and may call an external LLM (Gemini) if configured. Before installing or running it:
- Don't supply high-privilege DB credentials. Create and use a dedicated, read-only DB user limited to the minimal schemas/tables needed.
- Verify how you will provide credentials: the code expects DB_DSN or an explicit db_dsn input, but SKILL.md lists DB_HOST/DB_USER/etc — fix this mismatch and test in a safe environment.
- Be aware index.js loads ../.env (the parent .env). That can leak other project secrets into the skill; store DB/GEMINI credentials in a separate, minimal .env for the skill or avoid using a project-wide .env.
- The skill may make outbound HTTP calls (Gemini) using GEMINI_API_URL/GEMINI_API_KEY/GEMINI_TOKEN. Only provide tokens that are scoped and revocable.
- Review the included sql_audit.py code (especially the parts that build and send LLM requests and error handling) before use. Run the skill in an isolated environment or staging DB first.
- If you cannot review the code or control the DB credentials and network egress, do not install or run this skill.
I rated this 'suspicious' (not 'malicious') because many behaviors are reasonable for an SQL execution/audit tool, but the undocumented env usage, .env loading from the project root, and mismatch between docs and runtime make it unclear and potentially dangerous without careful configuration and review.
Capability Analysis
Type: OpenClaw Skill
Name: sql-audit
Version: 1.0.0
The skill bundle is classified as suspicious due to a significant discrepancy between its documentation and implementation, alongside high-risk credential handling. While SKILL.md claims the tool performs security auditing and intercepts write operations or full table scans, the actual code in sql_audit.py and index.js lacks these safeguards and executes raw SQL directly. Furthermore, the code contains a hardcoded JWT token and directs LLM requests to a specific IP address (47.77.199.56) instead of a standard API endpoint, which could facilitate data interception or unauthorized access.
Capability Assessment
Purpose & Capability
The skill's stated purpose is to audit and actually execute SQL against StarRocks/Doris. Executing SQL requires database credentials — which the code uses — so that part is coherent. However the SKILL.md lists DB_HOST/DB_PORT/DB_USER/DB_PASSWORD/DB_NAME as .env keys while the runtime (index.js / python) prefers a single DB_DSN environment variable or an explicit db_dsn input. The registry metadata also declared no required env vars, which is inconsistent with the code and README.
Instruction Scope
The instructions and implementation perform real SQL execution (expected) but also read configuration from a parent .env file (index.js loads ../.env) which can expose unrelated secrets to the skill. The skill may call an external LLM (Gemini) for fallback candidate generation using GEMINI_API_* envs. The code will execute arbitrary SQL provided to it (or from candidates), so callers must ensure those queries are safe and that the DB credentials have minimal privileges.
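As an added illustration, not code from the skill or its author, here is the kind of pre-execution gate that SKILL.md claims and the reviewed code lacks: a deny-by-default check that blocks write/DDL statements, unbounded SELECTs, and table references to any database other than one allowed name. The `allowed_db` parameter and the regex-based approach are assumptions of this example; such a gate complements, and never replaces, a read-only database user.

```python
import re
from typing import Optional

# Hypothetical pre-execution gate (example code, not the skill's own).
# Deny by default; the read-only DB user remains the primary control.
READ_START = re.compile(r"^(select|with|show|describe|desc|explain)\b", re.I)
WRITE_START = re.compile(
    r"^(insert|update|delete|drop|alter|create|truncate|replace|grant|revoke|load|set)\b",
    re.I,
)
# db.table qualifiers only where a table reference can appear (FROM / JOIN),
# so column aliases such as o.id are not mistaken for database names.
TABLE_REF = re.compile(
    r"\b(?:from|join)\s+([a-z_][a-z0-9_]*)\s*\.\s*[a-z_][a-z0-9_]*", re.I
)


def strip_comments(sql: str) -> str:
    """Remove /* */ and -- comments so they cannot hide keywords from the gate."""
    sql = re.sub(r"/\*.*?\*/", " ", sql, flags=re.DOTALL)
    sql = re.sub(r"--[^\n]*", " ", sql)
    return sql.strip().rstrip(";").strip()


def audit_sql(sql: str, allowed_db: str) -> Optional[str]:
    """Return None when the statement may run, otherwise the reason it was blocked."""
    stmt = strip_comments(sql)
    if not stmt:
        return "empty statement"
    if ";" in stmt:  # fail closed, even if the ';' sits inside a string literal
        return "multiple statements blocked"
    if WRITE_START.match(stmt):
        return "write/DDL statement blocked"
    if not READ_START.match(stmt):
        return "unrecognised statement blocked"
    lowered = stmt.lower()
    # "full table scan" here means a SELECT/CTE with neither WHERE nor LIMIT
    if lowered.startswith(("select", "with")) and not re.search(r"\b(where|limit)\b", lowered):
        return "unbounded SELECT (no WHERE or LIMIT) blocked"
    foreign = {db for db in TABLE_REF.findall(lowered) if db != allowed_db.lower()}
    if foreign:
        return "cross-database reference blocked: " + ", ".join(sorted(foreign))
    return None


if __name__ == "__main__":
    # Constructed sample statements; each is a case the gate must handle.
    for q in ["select * from orders", "SELECT id FROM orders -- WHERE id = 1",
              "SELECT o.id FROM sales.orders o JOIN hr.employees e ON o.uid = e.id LIMIT 10"]:
        print(repr(q), "->", audit_sql(q, "sales"))
```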
Install Mechanism
No install spec is provided (lower install risk), but the package includes two code files (index.js and sql_audit.py) and has runtime Python dependencies (pymysql, httpx) that are not documented in a package install step. The absence of declared dependency installation means runtime failures or implicit dependency pulls are possible.
Credentials
The skill requires database credentials and optionally Gemini API keys/tokens to function, but the registry metadata declared no required env vars. Worse, index.js loads ../.env (project root) into process.env, potentially exposing unrelated secrets stored there to the skill and to the spawned Python process. The discrepancy between documented .env keys and actual code (DB_HOST vs DB_DSN) is confusing and risky.
Persistence & Privilege
The skill does not request always:true and does not modify other skills' configs. It runs as an invoked skill (normal privilege). There is no evidence it persists beyond its execution footprint.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat: /install sql-audit
- After installation, invoke the skill by name or use /sql-audit
- Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
sql-audit v1.0.2
- Added static auditing of SQL syntax and security, including blocking full table scans, write operations, and illegal cross-database joins.
- Supports real connections to StarRocks/Doris databases, executing SQL and returning the result data.
- Input accepts multiple candidate SQL statements together with the user's original query; returns data, row count, execution status, retry suggestions, and related information.
- Output includes success status, query data, result row count, retry suggestions, and simplified metric candidates.
- Documentation details the dependencies and how to run the skill standalone.
Frequently Asked Questions
What is Sql Audit?
SQL syntax and security audit; it actually executes the SQL and returns the resulting data. It is an AI Agent Skill for Claude Code / OpenClaw, with 239 downloads so far.
How do I install Sql Audit?
Run "/install sql-audit" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Sql Audit free?
Yes, Sql Audit is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Sql Audit support?
Sql Audit is cross-platform and runs anywhere OpenClaw / Claude Code is available.
Who created Sql Audit?
It is built and maintained by LoveNerverMore (@lovenervermore); the current version is v1.0.0.