← 返回 Skills 市场
DB Smart Import
作者
jarbcs1-prog
· GitHub ↗
· v1.0.0
· MIT-0
96
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install db-smart-importer
功能描述
Intelligent database import from .csv and .sql dumps into MySQL, MariaDB, and SQLite. Analyzes schemas, parses SQL dumps, suggests column mappings based on c...
使用说明 (SKILL.md)
DB Smart Importer
This skill provides a workflow for importing CSV and SQL dump files into MySQL, MariaDB, and SQLite databases with intelligent column mapping.
When to Use This Skill
- User needs to import CSV files into MySQL/MariaDB/SQLite
- User has a .sql dump file they want to execute
- Column names in source don't match destination (e.g., "email address" → "email")
- User wants automated mapping suggestions based on patterns
- Data migration between database tables
NEVER Do
- NEVER import directly without reviewing the suggested mappings first
- NEVER assume column types match — verify before import
- NEVER skip backing up the database before bulk imports
Workflow
Step 1: Analyze Source and Destination
Use analyze_schema.py to extract schema information from your source (CSV/SQL dump) and destination database.
Examples:
# Analyze CSV file
python scripts/analyze_schema.py csv /path/to/data.csv
# Analyze SQL dump file
python scripts/analyze_schema.py sql /path/to/dump.sql
# Analyze SQLite database
python scripts/analyze_schema.py sqlite /path/to/database.db
# Analyze MySQL/MariaDB database (requires mysql-connector-python)
python scripts/analyze_schema.py mysql localhost --user root --password secret --database mydb
Step 2: Get Column Mapping Suggestions
Once you have analyzed both source and destination, use map_columns.py to get mapping suggestions:
python scripts/map_columns.py '["account name", "email address"]' '["client", "email"]'
Step 3: Execute Import
After confirming mappings, use execute_import.py:
CSV Import to SQLite:
python scripts/execute_import.py csv /path/to/data.csv --db-type sqlite --db-path /path/db.db --table clients --mapping '{"email": "email", "name": "client"}'
CSV Import to MySQL/MariaDB:
python scripts/execute_import.py csv /path/to/data.csv --db-type mysql --host localhost --user root --password secret --database mydb --table clients --mapping '{"email": "email", "name": "client"}'
Execute SQL Dump:
# To SQLite
python scripts/execute_import.py sql /path/to/dump.sql --db-type sqlite --db-path /path/db.db
# To MySQL/MariaDB
python scripts/execute_import.py sql /path/to/dump.sql --db-type mysql --host localhost --user root --password secret --database mydb
Script Reference
| Script | Purpose |
|---|---|
| analyze_schema.py | Extract schema from MySQL/MariaDB/SQLite, parse SQL dumps, or sample CSV data |
| map_columns.py | Suggest column mappings using fuzzy pattern matching |
| execute_import.py | Import CSV into databases or execute SQL dump files |
Tips
- The mapper uses fuzzy matching: "phone" ≈ "contact_number" ≈ "phone_number"
- Providing sample data improves mapping accuracy
- Always review mappings before executing — automated suggestions aren't perfect
安全使用建议
This skill appears to do what it claims, but it's powerful: it will execute SQL statements from dumps and write data to databases. Before using it, (1) never run SQL dumps or imports against production without a backup and review; (2) avoid passing passwords on the command line on multi-user systems (they appear in process listings); (3) validate table names and mappings — the scripts build SQL identifiers with string formatting and could misbehave if given untrusted names; (4) install mysql-connector-python only if you need MySQL support; and (5) inspect any dump files for destructive statements (DROP, DELETE, ALTER) before executing. If you need higher assurance, run the scripts in a sandbox or on a copy of your database first.
功能分析
Type: OpenClaw Skill
Name: db-smart-importer
Version: 1.0.0
The skill contains critical SQL injection vulnerabilities in scripts/execute_import.py, where table names and column mappings are inserted directly into SQL strings using f-strings without sanitization. While the tool's logic aligns with its stated purpose of database migration, these flaws allow for arbitrary SQL execution if a user provides malicious input. No evidence of intentional malice, data exfiltration, or obfuscation was detected.
能力评估
Purpose & Capability
Name, description, and included scripts (analyze_schema.py, map_columns.py, execute_import.py) align with the stated functionality (analyzing CSV/SQL, suggesting mappings, and importing into SQLite/MySQL). There are no unrelated environment variables, external endpoints, or unexpected binaries requested.
Instruction Scope
SKILL.md instructs the agent to read local CSV/SQL files and connect to local/remote databases and explicitly warns to review mappings and backup databases first — this matches the scripts. Note: execute_import.py will execute every SQL statement from a dump (split naively on ';'), so running it will perform arbitrary SQL operations against the target DB as intended; users must ensure they want that. The scripts also accept DB credentials on the command line (examples show --password), which is expected but exposes passwords on process lists.
Install Mechanism
Instruction-only with no install spec. The only optional dependency is mysql-connector-python, which the code imports conditionally and reports clearly if missing. No downloads or external installers are used.
Credentials
The skill declares no required environment variables or secrets. The scripts accept DB credentials as CLI args (host/user/password) which is appropriate for database access. No unrelated credentials or config paths are requested.
Persistence & Privilege
always is false; the skill does not request persistent or privileged system presence and does not modify other skills or system agent configuration.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install db-smart-importer - 安装完成后,直接呼叫该 Skill 的名称或使用
/db-smart-importer触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of db-smart-importer: import CSV and SQL dumps into MySQL, MariaDB, and SQLite with smart schema analysis and column mapping.
- Import data from CSV and .sql files into MySQL, MariaDB, or SQLite databases.
- Analyze source and destination schemas for informed mapping.
- Suggest column mappings using content-based pattern matching.
- Support data migration and SQL dump parsing workflows.
- Scripts for schema analysis, mapping suggestions, and executing imports included.
- Strongly emphasizes user review of mappings and database backup before changes.
元数据
常见问题
DB Smart Import 是什么?
Intelligent database import from .csv and .sql dumps into MySQL, MariaDB, and SQLite. Analyzes schemas, parses SQL dumps, suggests column mappings based on c... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 96 次。
如何安装 DB Smart Import?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install db-smart-importer」即可一键安装,无需额外配置。
DB Smart Import 是免费的吗?
是的,DB Smart Import 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
DB Smart Import 支持哪些平台?
DB Smart Import 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 DB Smart Import?
由 jarbcs1-prog(@jarbcs1-prog)开发并维护,当前版本 v1.0.0。
推荐 Skills