← 返回 Skills 市场
252
总下载
0
收藏
0
当前安装
2
版本数
在 OpenClaw 中安装
/install mysql-database-skill
功能描述
MySQL 数据库操作技能。通过 mysql CLI 连接数据库,执行 SELECT 查询、INSERT/UPDATE/DELETE 增删改、批量 SQL 执行、事务控制、数据库/表管理、JSON 格式输出。适用场景:查用户数据、统计报表、数据导入导出、数据库巡检、表结构查看、远程连接、生产环境调试。触发关键词:...
安全使用建议
This appears to be a legitimate MySQL CLI instruction guide, but it is sloppy in ways that matter for safety. Before installing or using it: (1) Confirm the skill author/source — there is no homepage or publisher info. (2) Expect to provide database credentials to actually use these commands; the SKILL.md shows MYSQL_PWD and ~/.my.cnf but the skill metadata doesn't declare required env vars — verify how you'll supply secrets and avoid exposing passwords in process env when possible. (3) Review and restrict what the agent is allowed to run: the examples include destructive operations (DELETE, UPDATE), file-writing on the DB server (INTO OUTFILE), and file import (LOAD DATA LOCAL INFILE). Only allow the skill to run against safe/test databases unless you fully trust the user and environment. (4) Ask the publisher to: declare required binaries (mysql, jq, sed), list expected env vars/credential names, remove root/cleartext-password examples, and fix shell redirection examples (use /dev/null for POSIX shells). If you cannot verify the source or do not want the agent to have autonomous access to run high-impact DB commands, do not enable autonomous invocation or avoid installing the skill.
功能分析
Type: OpenClaw Skill
Name: mysql-database-skill
Version: 1.0.1
The mysql-database-skill bundle is a well-documented set of instructions for an AI agent to interact with MySQL databases using the standard CLI. It provides comprehensive examples for querying, data manipulation, and schema management, while correctly advising on security practices such as using environment variables (MYSQL_PWD) or configuration files (~/.my.cnf) instead of plaintext passwords in command arguments. No evidence of data exfiltration, malicious execution, or prompt injection was found in SKILL.md or _meta.json.
能力评估
Purpose & Capability
The name/description (MySQL CLI operations) align with the SKILL.md content: it instructs use of the mysql CLI to run queries, imports/exports, transactions, and JSON output. However the package metadata does not declare the obvious runtime dependencies (mysql, jq, sed), which is an omission/incoherence: a MySQL CLI skill should declare those required binaries.
Instruction Scope
SKILL.md tells the agent to run mysql and jq, parse JDBC URLs, use MYSQL_PWD and ~/.my.cnf, and to run commands that can write files on the DB server (SELECT ... INTO OUTFILE) and import local files (LOAD DATA LOCAL INFILE). All of these are within a DB-administration scope, but they are high-impact (can modify/delete data and write files) and the doc also uses mixed shell redirection (2>$null — PowerShell) which is inconsistent. The instructions reference an environment variable (MYSQL_PWD) and config file (~/.my.cnf) even though the skill declares no required env/config — that mismatch should be addressed.
Install Mechanism
Instruction-only skill with no install spec or code files — lowest install risk. Nothing will be downloaded or written by an installer. Runtime risk depends entirely on commands run by the agent (mysql/jq).
Credentials
The skill metadata lists no required environment variables or primary credential, but the instructions demonstrate explicit use of MYSQL_PWD and ~/.my.cnf (password in env or file). This is a mismatch: the skill will encourage/require credentials to connect to databases but does not declare them. The examples also show use of root and cleartext passwords, which is risky practice and not justified in metadata.
Persistence & Privilege
always is false and there is no install step that persists code or modifies other skills; the skill does not request persistent platform privileges. Autonomous invocation is enabled by default (disable-model-invocation false) — that is platform normal but combined with high-impact DB operations it increases blast radius if the agent is allowed to call the skill without oversight.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install mysql-database-skill - 安装完成后,直接呼叫该 Skill 的名称或使用
/mysql-database-skill触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.1
Added copyright: 少煊 <[email protected]>
v1.0.0
Initial release: MySQL database operations with SELECT/INSERT/UPDATE/DELETE, batch execution, transactions, EXPLAIN analysis, and JSON output.
元数据
常见问题
MySQL Database CLI Skill 是什么?
MySQL 数据库操作技能。通过 mysql CLI 连接数据库,执行 SELECT 查询、INSERT/UPDATE/DELETE 增删改、批量 SQL 执行、事务控制、数据库/表管理、JSON 格式输出。适用场景:查用户数据、统计报表、数据导入导出、数据库巡检、表结构查看、远程连接、生产环境调试。触发关键词:... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 252 次。
如何安装 MySQL Database CLI Skill?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install mysql-database-skill」即可一键安装,无需额外配置。
MySQL Database CLI Skill 是免费的吗?
是的,MySQL Database CLI Skill 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
MySQL Database CLI Skill 支持哪些平台?
MySQL Database CLI Skill 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 MySQL Database CLI Skill?
由 429668385(@429668385)开发并维护,当前版本 v1.0.1。
推荐 Skills