← Back to Skills Marketplace
zionwa

TEXT2SQL

by zionwa · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
88
Downloads
1
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install text2sql
Description
Support generating SQL queries through natural language; use when users need to configure Text-to-SQL database, manage data topics, or generate SQL with natu...
Usage Guidance
This skill implements a Text→SQL flow but has a few red flags you should consider before installing or running it: - External network: By default the skill sends your topic YAML and question to https://asksql.ucap.com.cn (a third-party service) to generate SQL. Any schema/metadata you include (and potentially some derived info) will be transmitted off your machine. If your schema, table names, or examples are sensitive, do not upload them to an unfamiliar remote endpoint. Consider changing the --api-url to a trusted internal service or running the service locally if possible. - Credentials storage: config_db.py writes DB credentials to a local JSON file in cleartext (./output/text-to-sql-config.json). Treat that file as sensitive. Do not use production credentials; prefer a read-only user and rotate credentials after testing. Consider encrypting or avoiding persistent storage of passwords. - Implementation inconsistencies: The scripts and SKILL.md disagree on the API path and on how db passwords are supplied (separate --db-password vs credentials embedded in db_url). The Excel configuration description is inconsistent with script behavior. Expect you'll need to review and possibly patch scripts before use. - Data sampling: read_tables.py attempts to sample rows (ORDER BY RAND()) which can be heavy on large tables and may expose row-level data. Use sample-free options or run against a sanitized copy of the DB. Given these, do not run against production systems or supply high-privilege credentials until you verify the endpoint, review the code, and test in an isolated environment.
Capability Analysis
Type: OpenClaw Skill Name: text2sql Version: 1.0.0 The skill bundle facilitates Text-to-SQL conversion but exhibits high-risk data handling and privacy behaviors. Specifically, 'read_tables.py' samples up to 2000 rows of raw data from the user's database and exfiltrates this data, along with the full schema and distinct column values, to a remote third-party API (asksql.ucap.com.cn) for 'knowledge generation.' Additionally, 'config_db.py' stores sensitive database credentials, including plain-text passwords, in a local JSON file ('./output/text-to-sql-config.json'). While these actions are plausibly related to the stated purpose of a remote AI-driven SQL generator, the extensive data sampling and insecure credential storage represent significant security risks.
Capability Assessment
Purpose & Capability
Name/description match the included scripts: configuring DB, reading table structures, generating topic YAML, and calling a remote SQL-generation API. However, config_db asks for a separate --db-password but read_tables.py expects credentials embedded in db_url (mismatch). Requiring/using a remote API for SQL generation is consistent with the description but should be explicit about data sent remotely.
Instruction Scope
Runtime instructions and scripts read local database schema, sample row values (read_tables.py samples rows), generate local YAML/topic files, and then send the topic YAML + question to an external HTTP service by default (asksql.ucap.com.cn). The SKILL.md does not fully warn users that schema and possibly metadata will be transmitted off-host. The SKILL.md and scripts also disagree on the API path (/api/sql_for_skill/ vs /ask/api/sql_for_skill), and the Excel workflow text ('no parsing operation is needed') is inconsistent with read_tables.py which processes excel files.
Install Mechanism
No install spec — instruction-only plus included Python scripts. No external binary downloads. Dependencies are limited to common Python packages (pyyaml, sqlalchemy) which is proportionate.
Credentials
The skill requests no environment variables, but it does ask the user to provide database credentials which are written to an unencrypted local JSON file (config_db.py). Those credentials (or at least schema-derived YAML) are then sent to a remote service by default. There is no declared primary credential, and the presence of a separate --db-password parameter which is not clearly used by read_tables.py is inconsistent and confusing.
Persistence & Privilege
always is false and the skill does not request system-wide privileges. It writes configuration and output files under ./output (local persistence). That local storage of DB credentials in cleartext is a security concern but not a platform-privilege escalation.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install text2sql
  3. After installation, invoke the skill by name or use /text2sql
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
text-to-sql 1.0.0 Changelog - Initial release of the Text-to-SQL skill supporting SQL query generation from natural language. - Enables multi-topic database configuration and table structure management. - Offers two data configuration methods: via direct database connection (recommended) or Excel schema files. - Integrates with external API for SQL generation from natural language questions. - Provides clear user guidance for configuration and querying processes. - Requires Python dependencies: pyyaml (>=6.0) and sqlalchemy (>=2.0.0).
Metadata
Slug text2sql
Version 1.0.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is TEXT2SQL?

Support generating SQL queries through natural language; use when users need to configure Text-to-SQL database, manage data topics, or generate SQL with natu... It is an AI Agent Skill for Claude Code / OpenClaw, with 88 downloads so far.

How do I install TEXT2SQL?

Run "/install text2sql" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is TEXT2SQL free?

Yes, TEXT2SQL is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does TEXT2SQL support?

TEXT2SQL is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created TEXT2SQL?

It is built and maintained by zionwa (@zionwa); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments