功能描述

Database migration manager. Detects ORM/migration tool in use, generates migrations, handles rollbacks, creates seed scripts, diffs schemas between environme...

使用说明 (SKILL.md)

Database Migration Manager

Name: Database Migration Manager
Author: llcsamih

Detect. Generate. Migrate. Roll back. Zero downtime.

Phase 1: Detect Migration Tool

Scan the project to identify the ORM/migration tool in use. Check in this order:

Signal	Tool
`prisma/schema.prisma` or `schema.prisma` in root	Prisma
`drizzle.config.ts` or `drizzle.config.js` or `drizzle/` dir	Drizzle
`knexfile.js` or `knexfile.ts`	Knex
`ormconfig.json` or `data-source.ts` with `TypeORM` import	TypeORM
`alembic.ini` or `alembic/` directory	Alembic
`manage.py` with Django imports	Django
`migrations/` dir with raw `.sql` files, no ORM config	Raw SQL

If no tool is detected, ask the user which they want to use. If starting fresh, recommend Drizzle for TypeScript projects, Alembic for Python, Django migrations for Django apps.

Read the existing migration history to understand current schema state before doing anything.

Phase 2: Determine the Operation

Classify what the user needs:

Operation	Description
generate	Create a new migration from schema changes
run	Apply pending migrations
rollback	Revert the last migration or to a specific point
seed	Create or run seed data scripts
diff	Compare schemas between environments
backup	Back up the database before migrating
zero-downtime	Multi-step migration for production safety

If the user's request implies multiple operations (e.g., "migrate production safely"), chain them: backup -> diff -> generate -> run.

Phase 3: Execute by Tool

Prisma

# Generate migration from schema changes
npx prisma migrate dev --name \x3Cmigration_name>

# Apply in production (no interactive prompts)
npx prisma migrate deploy

# Reset database (dev only — destroys data)
npx prisma migrate reset

# Check migration status
npx prisma migrate status

# Generate client after schema change
npx prisma generate

# Seed data
npx prisma db seed

# Pull schema from existing database
npx prisma db pull

# Push schema without migration file (dev only)
npx prisma db push

Prisma rollback: Prisma has no built-in rollback command. To roll back:

Create a new migration that reverses the changes
Or restore from backup
For failed migrations: npx prisma migrate resolve --rolled-back \x3Cmigration_name>

Prisma seed setup: Ensure package.json has:

{
  "prisma": {
    "seed": "tsx prisma/seed.ts"
  }
}

Drizzle

# Generate migration from schema changes
npx drizzle-kit generate

# Apply migrations
npx drizzle-kit migrate

# Push schema directly (dev only — destructive)
npx drizzle-kit push

# Pull schema from existing database
npx drizzle-kit pull

# Open Drizzle Studio (visual browser)
npx drizzle-kit studio

# Check current state
npx drizzle-kit check

Drizzle rollback: Drizzle generates SQL files. To roll back:

Write a new migration that reverses changes
Or delete the migration file and re-push (dev only)
For production: always use generated SQL files, never push

Drizzle seed: Create a seed.ts file and run with tsx drizzle/seed.ts or add a script to package.json.

Knex

# Create a new migration file
npx knex migrate:make \x3Cmigration_name>

# Run pending migrations
npx knex migrate:latest

# Rollback last batch
npx knex migrate:rollback

# Rollback all migrations
npx knex migrate:rollback --all

# Check migration status
npx knex migrate:status

# Run seed files
npx knex seed:run

# Create a new seed file
npx knex seed:make \x3Cseed_name>

Knex migration template:

exports.up = function(knex) {
  return knex.schema.createTable('table_name', (table) => {
    table.increments('id').primary();
    table.timestamps(true, true);
  });
};

exports.down = function(knex) {
  return knex.schema.dropTable('table_name');
};

TypeORM

# Generate migration from entity changes
npx typeorm migration:generate -d src/data-source.ts src/migrations/\x3CMigrationName>

# Create empty migration
npx typeorm migration:create src/migrations/\x3CMigrationName>

# Run pending migrations
npx typeorm migration:run -d src/data-source.ts

# Revert last migration
npx typeorm migration:revert -d src/data-source.ts

# Show migrations and status
npx typeorm migration:show -d src/data-source.ts

Alembic (Python/SQLAlchemy)

# Auto-generate migration from model changes
alembic revision --autogenerate -m "description of change"

# Create empty migration
alembic revision -m "description of change"

# Apply all pending migrations
alembic upgrade head

# Upgrade to specific revision
alembic upgrade \x3Crevision_id>

# Rollback one step
alembic downgrade -1

# Rollback to specific revision
alembic downgrade \x3Crevision_id>

# Show current revision
alembic current

# Show migration history
alembic history

# Show all branch heads
alembic heads

Django

# Generate migrations from model changes
python3 manage.py makemigrations

# Generate for specific app
python3 manage.py makemigrations \x3Capp_name>

# Apply all pending migrations
python3 manage.py migrate

# Apply specific app migration
python3 manage.py migrate \x3Capp_name> \x3Cmigration_number>

# Rollback to specific migration
python3 manage.py migrate \x3Capp_name> \x3Cmigration_number>

# Rollback all migrations for an app
python3 manage.py migrate \x3Capp_name> zero

# Show migration status
python3 manage.py showmigrations

# Generate SQL without applying
python3 manage.py sqlmigrate \x3Capp_name> \x3Cmigration_number>

# Create empty migration
python3 manage.py makemigrations --empty \x3Capp_name>

Raw SQL

When no ORM is detected and the project uses raw SQL:

Create a migrations/ directory if it doesn't exist
Name files with timestamp prefix: YYYYMMDDHHMMSS_description.sql
Each migration file should have -- UP and -- DOWN sections
Track applied migrations in a _migrations table

Raw SQL migration template:

-- UP
CREATE TABLE IF NOT EXISTS example (
  id SERIAL PRIMARY KEY,
  name VARCHAR(255) NOT NULL,
  created_at TIMESTAMP DEFAULT NOW()
);

-- DOWN
DROP TABLE IF EXISTS example;

Migration tracking table:

CREATE TABLE IF NOT EXISTS _migrations (
  id SERIAL PRIMARY KEY,
  filename VARCHAR(255) NOT NULL UNIQUE,
  applied_at TIMESTAMP DEFAULT NOW()
);

Phase 4: Database Backup

Always back up before running migrations in production. Offer to back up before any destructive operation.

Postgres

# Full database dump (compressed)
pg_dump -Fc -f backup_$(date +%Y%m%d_%H%M%S).dump $DATABASE_URL

# Schema only
pg_dump --schema-only -f schema_$(date +%Y%m%d_%H%M%S).sql $DATABASE_URL

# Specific tables
pg_dump -t table_name -f table_backup.dump $DATABASE_URL

# Restore from dump
pg_restore -d $DATABASE_URL backup.dump

# Restore from SQL
psql $DATABASE_URL \x3C backup.sql

# Roles and global objects (needed for full restore)
pg_dumpall --globals-only -f globals.sql

MySQL

# Full database dump
mysqldump -u $DB_USER -p $DB_NAME > backup_$(date +%Y%m%d_%H%M%S).sql

# Schema only
mysqldump -u $DB_USER -p --no-data $DB_NAME > schema_$(date +%Y%m%d_%H%M%S).sql

# Specific tables
mysqldump -u $DB_USER -p $DB_NAME table_name > table_backup.sql

# Restore
mysql -u $DB_USER -p $DB_NAME \x3C backup.sql

# With single-transaction for InnoDB (no locks)
mysqldump --single-transaction -u $DB_USER -p $DB_NAME > backup.sql

SQLite

# Copy the database file (simplest backup)
cp database.db backup_$(date +%Y%m%d_%H%M%S).db

# SQL dump
sqlite3 database.db .dump > backup_$(date +%Y%m%d_%H%M%S).sql

# With WAL mode — must copy both files
cp database.db backup.db && cp database.db-wal backup.db-wal 2>/dev/null

# Online backup (safe while db is in use)
sqlite3 database.db "VACUUM INTO 'backup_$(date +%Y%m%d_%H%M%S).db';"

# Restore from SQL dump
sqlite3 new_database.db \x3C backup.sql

Phase 5: Schema Diff Between Environments

Compare schemas to detect drift between environments.

Prisma

# Pull remote schema and compare
npx prisma db pull  # updates schema.prisma from database
git diff prisma/schema.prisma  # see what changed vs. committed schema

Drizzle

# Check for schema drift
npx drizzle-kit check

# Pull current DB schema
npx drizzle-kit pull
# Then diff generated files against your source schema

Generic SQL Diff (Postgres)

# Dump schemas from both environments
pg_dump --schema-only -f staging_schema.sql $STAGING_DATABASE_URL
pg_dump --schema-only -f production_schema.sql $PRODUCTION_DATABASE_URL

# Diff them
diff staging_schema.sql production_schema.sql

Generic SQL Diff (MySQL)

mysqldump --no-data -u $USER -p $STAGING_DB > staging_schema.sql
mysqldump --no-data -u $USER -p $PROD_DB > production_schema.sql
diff staging_schema.sql production_schema.sql

For richer diffs, use migra (Postgres):

pip install migra
migra $STAGING_DATABASE_URL $PRODUCTION_DATABASE_URL --unsafe
# Outputs ALTER statements needed to sync staging -> production

Phase 6: Seed Data

When creating seed scripts, follow these principles:

Idempotent: Seeds must be safe to run multiple times (use upserts or check-before-insert)
Environment-aware: Different seed data for dev vs. staging vs. production
Realistic: Use realistic data shapes, not lorem ipsum
Referential integrity: Insert in dependency order (users before posts, etc.)
Deterministic: Use fixed IDs or consistent generation for reproducibility

Seed Script Structure

// seed.ts pattern (Prisma/Drizzle/Knex)
async function seed() {
  console.log('Seeding database...');

  // 1. Clear existing data (dev only)
  if (process.env.NODE_ENV !== 'production') {
    await clearTables();
  }

  // 2. Insert in dependency order
  const users = await seedUsers();
  const projects = await seedProjects(users);
  await seedTasks(projects, users);

  console.log('Seeding complete.');
}

seed()
  .catch((e) => {
    console.error(e);
    process.exit(1);
  });

Python Seed Pattern (Alembic/Django)

# For Alembic: create a data migration
# alembic revision -m "seed initial data"

def upgrade():
    op.execute("""
        INSERT INTO users (email, name) VALUES
        ('[email protected]', 'Admin')
        ON CONFLICT (email) DO NOTHING;
    """)

def downgrade():
    op.execute("DELETE FROM users WHERE email = '[email protected]';")

# For Django: management command
# python3 manage.py seed
from django.core.management.base import BaseCommand

class Command(BaseCommand):
    def handle(self, *args, **options):
        User.objects.get_or_create(
            email='[email protected]',
            defaults={'name': 'Admin'}
        )

Phase 7: Zero-Downtime Migrations

Use the expand-contract pattern for any schema change that could break running application code. This is mandatory for production deployments with rolling updates or blue-green deploys.

When to Use Zero-Downtime Patterns

Change	Safe Without Pattern?	Zero-Downtime Required?
Add nullable column	Yes	No
Add column with default	Yes (Postgres 11+, MySQL 8.0.12+)	No
Add NOT NULL column	No	Yes
Rename column	No	Yes
Change column type	No	Yes
Drop column	No	Yes
Add index	Depends on size	Use CONCURRENTLY
Add foreign key	No (locks table)	Yes

The Expand-Contract Pattern

Step 1: Expand (Deploy migration + new code that writes to both)

-- Add new column, nullable, no constraint yet
ALTER TABLE users ADD COLUMN display_name VARCHAR(255);

Step 2: Backfill (Run as background job, batch processing)

-- Process in batches to avoid locks
UPDATE users
SET display_name = name
WHERE display_name IS NULL
AND id BETWEEN $start AND $end;
-- Run in batches of 1000-5000 rows
-- Sleep 100-500ms between batches
-- Monitor replication lag

Step 3: Contract (Deploy code that only reads from new column)

-- Now safe to add constraint
ALTER TABLE users ALTER COLUMN display_name SET NOT NULL;

-- After bake period (24-72 hours), drop old column
ALTER TABLE users DROP COLUMN name;

Safe Index Creation

-- Postgres: CREATE INDEX CONCURRENTLY (no table lock)
CREATE INDEX CONCURRENTLY idx_users_email ON users(email);
-- Note: Cannot run inside a transaction

-- MySQL: Online DDL (InnoDB)
ALTER TABLE users ADD INDEX idx_email (email), ALGORITHM=INPLACE, LOCK=NONE;

Safe Foreign Key Addition (Postgres)

-- Step 1: Add constraint as NOT VALID (no full table scan)
ALTER TABLE posts
ADD CONSTRAINT fk_posts_user
FOREIGN KEY (user_id) REFERENCES users(id)
NOT VALID;

-- Step 2: Validate in background (no lock on writes)
ALTER TABLE posts VALIDATE CONSTRAINT fk_posts_user;

Rename Column Pattern

Never rename directly. Instead:

Add new column
Deploy code that writes to both old and new
Backfill new column from old
Deploy code that reads from new column only
Drop old column after bake period

Multi-Deploy Migration Checklist

For any breaking schema change, split across multiple deploys:

Deploy 1: Add new column/table (expand)
Deploy 2: Update writes to populate both old and new
Deploy 3: Backfill existing data
Deploy 4: Switch reads to new column/table
Deploy 5: Stop writing to old column
Deploy 6: Drop old column/table (contract) — after bake period

Safety Rules

Never run migrate reset, push, or db push in production — these are dev-only commands
Always back up before migrating production — offer this proactively
Never drop columns or tables without confirming with the user — even if the schema change implies it
Review generated SQL before applying — auto-generated migrations can be destructive
Test migrations on a staging copy of production data — operations that take milliseconds on dev can lock for minutes on large tables
Monitor during production migrations — watch replication lag, CPU, lock contention
Keep migrations small and focused — one concern per migration file
Never skip the down/rollback function — every up needs a corresponding down
Use transactions where supported — Postgres DDL is transactional, MySQL is not (most DDL auto-commits)
Check for active connections before dropping — SELECT * FROM pg_stat_activity WHERE datname = 'dbname';

Error Recovery

If a migration fails mid-way:

Check migration status — which migrations applied, which failed
Do NOT re-run blindly — understand what partially applied
For Prisma: npx prisma migrate resolve --rolled-back \x3Cname> to mark as rolled back
For Alembic: alembic stamp \x3Clast_good_revision> to reset tracking
For Django: Fix the issue, then python3 manage.py migrate again (Django tracks per-migration)
For Knex: Check knex_migrations table, manually remove failed entry if needed
Restore from backup if the database is in an inconsistent state

Environment Variable Detection

Read database connection from the project's environment:

Variable	Common In
`DATABASE_URL`	Prisma, Drizzle, general
`DB_HOST` + `DB_PORT` + `DB_NAME` + `DB_USER` + `DB_PASSWORD`	Knex, TypeORM, raw
`SQLALCHEMY_DATABASE_URI`	Alembic/Flask
`DATABASES` in `settings.py`	Django
`POSTGRES_URL` or `POSTGRES_PRISMA_URL`	Vercel Postgres
`TURSO_DATABASE_URL` + `TURSO_AUTH_TOKEN`	Turso/LibSQL

Check .env, .env.local, .env.development, and .env.production for these values. Never log or display connection strings — they contain credentials.

安全使用建议

This skill appears to do what it claims, but the package metadata omits key details. Before installing or invoking it: 1) Treat .env/.env.local as sensitive — confirm you are comfortable allowing the agent to read those files or run it in an isolated environment (dev container) where secrets are safe. 2) Ensure the required CLIs (prisma, drizzle-kit, knex, alembic, psql, mysql, sqlite3, Python/Django tooling) are installed locally; the skill's metadata should list them but doesn't. 3) Require and verify the skill prompts for explicit confirmation before any destructive or production operation and that backups are created and verified. 4) Prefer running migration commands yourself or reviewing generated commands/migration SQL before execution. 5) Ask the skill author/maintainer to update metadata to declare required binaries and to document exactly which files it reads and how it handles credentials; if you cannot verify those changes, treat the skill as higher risk.

功能分析

Type: OpenClaw Skill Name: database-migration-manager Version: 1.0.1 The database-migration-manager skill is a well-documented tool for managing database schemas across various ORMs (Prisma, Drizzle, Alembic, etc.). It follows industry best practices by emphasizing the use of existing environment variables, requiring user confirmation for destructive actions, and providing detailed instructions for safe production migrations and backups (SKILL.md). No evidence of malicious intent, data exfiltration, or unauthorized execution was found.

能力评估

ℹ Purpose & Capability

The SKILL.md content directly implements a database migration manager (detects ORMs, generates migrations, runs/rolls back, backups). That purpose justifies reading project files and invoking DB CLIs. However, the package metadata declares no required binaries, env vars, or config paths while the runtime instructions say specific CLIs (prisma, drizzle-kit, knex, alembic, psql, mysql, sqlite3, Django manage.py) must be present and that .env/.env.local will be read. The omission in metadata is an inconsistency that should be corrected.

⚠ Instruction Scope

The instructions explicitly tell the agent to scan the project, read migration history, and read project environment files (.env, .env.local) to obtain DB credentials. Those actions are within scope for a migration tool, but they involve reading secrets from project files. The doc claims destructive operations require explicit user confirmation and production actions create backups first, which mitigates risk if followed — but those are procedural guarantees in prose and rely on the agent enforcing them.

✓ Install Mechanism

This is an instruction-only skill with no install spec or code files, which minimizes direct installation risk (no arbitrary archive downloads). It expects local CLIs to already be installed; the metadata should have declared those binaries but did not.

⚠ Credentials

Metadata lists no required environment variables or config paths, yet the instructions state the skill will read .env and .env.local for database credentials and may connect to remote DBs if the project's configuration points to one. Asking the agent to access project env files without declaring that need is disproportionate and a privacy/security concern (these files often contain secrets).

✓ Persistence & Privilege

The skill is not always-included and has no install-time persistence or system-wide configuration changes. Autonomous invocation is allowed but that is the platform default; there is no evidence the skill requests elevated or persistent privileges.

版本历史

v1.0.1

Added explicit security notes, required-tools declaration, and safety guards for production operations

v1.0.0

Initial release: detect ORM, generate migrations, rollback, seed, diff, backup, zero-downtime patterns

元数据

Slug database-migration-manager

版本 1.0.1

许可证 MIT-0

累计安装 0

当前安装数 0

历史版本数 2

常见问题