← Back to Skills Marketplace
74
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install mongo-query
Description
Query MongoDB databases for debugging and troubleshooting. Use when user needs to: (1) List all databases, (2) List collections in a database, (3) Execute Mo...
Usage Guidance
This skill is coherent with querying MongoDB, but proceed cautiously:
- Do NOT store full connection URIs (with usernames/passwords) in plaintext project files like TOOLS.md or repo files. Use environment variables, a secrets manager, or ephemeral credentials.
- Expect to install Python and the pymongo package locally before running the script. The registry metadata omits these — verify and install them yourself.
- If you plan to use a Kubernetes service name, the script runs kubectl port-forward: that will use your kubeconfig and can access clusters your kubectl is authorized for. Only run this if you trust the cluster and the script.
- Review the included scripts/query_mongo.py yourself (it spawns kubectl and connects to MongoDB). Look for any unexpected network endpoints or data-exfil behavior before running, and prefer running it from a non-production environment first.
- Use a least-privilege, read-only MongoDB account for queries and limit query results (use --limit). If you need persistent access, consider granting scoped service accounts or secrets storage rather than saving credentials in repository files.
If you want, I can list the exact lines in the script that start kubectl, parse/save URIs, and where credentials are used so you can review them quickly.
Capability Analysis
Type: OpenClaw Skill
Name: mongo-query
Version: 1.0.0
The skill provides a legitimate utility for querying MongoDB databases, supporting both direct IP connections and Kubernetes port-forwarding via kubectl. The Python script (query_mongo.py) implements safe subprocess execution (avoiding shell=True) and follows the logic described in SKILL.md. While the instructions suggest the agent store connection strings in a local TOOLS.md file for session persistence, this behavior is transparently documented and aligned with the tool's purpose for debugging and troubleshooting.
Capability Assessment
Purpose & Capability
The script's functionality (listing DBs/collections, running queries, optionally port-forwarding a Kubernetes service) matches the skill name/description. However registry metadata claimed no required binaries or credentials while SKILL.md and the script require Python/pymongo and optionally kubectl. The omission of kubectl/pymongo from declared requirements is an inconsistency.
Instruction Scope
SKILL.md correctly instructs the agent to ask the user for a full MongoDB URI (including credentials). It also recommends saving connection info into a project's TOOLS.md — instructing persistent storage of credentials in a repo is scope creep and increases risk of credential leakage. The instructions also rely on kubectl port-forward (which interacts with the user's kubeconfig) but this is not emphasized as a sensitive operation.
Install Mechanism
No install spec is provided (instruction-only), which reduces install-surface risk. The SKILL.md does require installing pymongo via pip, and the script will invoke kubectl if needed. The lack of an explicit install spec or dependency declaration in registry metadata is a mismatch but not itself malicious.
Credentials
The skill asks for full MongoDB connection URIs (username/password embedded) — that is expected for DB queries but is sensitive. It also will call kubectl which implicitly uses the user's kubeconfig and cluster credentials; SKILL.md does not declare or warn about kubeconfig access. Recommending storing the URI in TOOLS.md is disproportionate and dangerous.
Persistence & Privilege
The skill does not request always:true, does not modify other skills' configs, and the code does not persist changes itself. However the documentation's guidance to save credentials in a project file would create persistent sensitive data outside the skill and should be avoided.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install mongo-query - After installation, invoke the skill by name or use
/mongo-query - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of the mongodb-query skill:
- Enables querying MongoDB databases for debugging and troubleshooting.
- Supports listing databases and collections, executing queries, and checking connection health.
- Automatically handles connections via direct IP or Kubernetes service name.
- Requires --uri (MongoDB connection string); supports parameters for database, collection, queries, and K8s namespace.
- Detailed usage instructions and examples provided in documentation.
Metadata
Frequently Asked Questions
What is mongodb-query?
Query MongoDB databases for debugging and troubleshooting. Use when user needs to: (1) List all databases, (2) List collections in a database, (3) Execute Mo... It is an AI Agent Skill for Claude Code / OpenClaw, with 74 downloads so far.
How do I install mongodb-query?
Run "/install mongo-query" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is mongodb-query free?
Yes, mongodb-query is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does mongodb-query support?
mongodb-query is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created mongodb-query?
It is built and maintained by GoodAtMe (@peintune); the current version is v1.0.0.
More Skills