← 返回 Skills 市场
callxor

PostgreSQL Database

作者 callxor · GitHub ↗ · v1.0.3 · MIT-0
cross-platform ⚠ suspicious
218
总下载
1
收藏
0
当前安装
4
版本数
在 OpenClaw 中安装
/install postgresql-db
功能描述
PostgreSQL 数据库操作技能。支持连接管理、表结构查询、CRUD 操作、备份恢复、pgvector 向量查询。使用 psql 命令行工具,适合生产环境数据库运维和开发查询。
安全使用建议
This skill is functionally coherent with a PostgreSQL admin/utility but there are a few red flags to consider before installing: - Metadata mismatch: The skill's registry entry lists no required env vars or binaries, but the documentation and scripts require psql (and DB credentials). Treat this as a packaging/metadata bug; ask the publisher to declare required env vars and binaries. - Secrets handling: The skill will source .env and/or read ~/.pgpass. Ensure those files contain only the intended DB credentials and no unrelated secrets. Prefer a least-privilege, read-only user when possible for query operations. - Arbitrary SQL: The skill (and its scripts) execute user-provided SQL. Only run in trusted environments and avoid feeding untrusted SQL. - Backups: The backup script writes files to a backups/ directory and deletes files older than 7 days. Make sure backup storage is secure (encryption/ACLs) and confirm retention policy fits your needs. What would change the assessment to benign: the publisher updating registry metadata to explicitly declare required env vars and required binaries (psql/pg_dump), and an explicit statement that scripts do not transmit data off-host. If you cannot confirm those, treat the skill as operationally useful but proceed with caution.
功能分析
Type: OpenClaw Skill Name: postgresql-db Version: 1.0.3 The skill bundle provides standard PostgreSQL database management utilities, including querying, backup, and CSV export. The scripts (db_backup.sh, db_export_csv.sh, db_query.sh) and documentation (SKILL.md) align with the stated purpose of database administration. While the scripts use the PGPASSWORD environment variable in a way that could potentially expose credentials to other local users via process listings, this is a common implementation flaw rather than evidence of malicious intent. No indicators of data exfiltration, unauthorized remote access, or prompt injection were found.
能力评估
Purpose & Capability
SKILL.md and included scripts clearly require PostgreSQL client tools (psql, optionally pg_dump) and DB credentials (DB_HOST, DB_PORT, DB_NAME, DB_USER, DB_PASSWORD or ~/.pgpass). The skill metadata however declares no required env vars or binaries — this mismatch is unexpected and should be corrected.
Instruction Scope
Runtime instructions explicitly tell the agent to read .env or ~/.pgpass, write backups to local disk, and execute user-supplied SQL. Those actions are within the stated purpose (DB administration) but executing arbitrary SQL and sourcing .env grants broad access to whatever environment variables are present — the SKILL.md warns about this but leaves execution decisions to the operator.
Install Mechanism
No install spec (instruction-only) and the shipped scripts are simple shell helpers; nothing in the package downloads external code. This is lower risk than a remote install, but the agent environment must have psql available.
Credentials
The skill needs database credentials to function (and the SKILL.md names DB_HOST/DB_PORT/DB_NAME/DB_USER/DB_PASSWORD), which is appropriate for a DB tool. However the registry metadata does not declare these environment variables or a primary credential, creating a transparency gap. Also sourcing .env can import unrelated secrets if present — users should ensure .env only contains DB-relevant values and use least-privilege DB accounts.
Persistence & Privilege
The skill does not request always:true and appears not to modify other skills or system-wide settings. It writes local backup files (as expected) and cleans up old backups per its script.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install postgresql-db
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /postgresql-db 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.3
- 明确了技能依赖的环境变量(DB_HOST, DB_PORT, DB_NAME, DB_USER, DB_PASSWORD)或 ~/.pgpass 文件存储凭证 - 调整描述说明,更突出凭证获取方式和环境变量配置要求 - 其他功能和使用方式保持不变
v1.0.2
- 优化和补充了技能描述,强调“需要数据库凭证”,并说明凭证读取方式。 - 说明本技能依赖 .env 或 ~/.pgpass 获取凭证,所有操作基于 psql 命令行工具执行。 - 进一步明确本技能适合生产环境数据库运维和开发查询场景。 - 未更改命令范例和实际操作说明,功能保持一致。
v1.0.1
- 增加了安全声明,明确所需权限和使用安全提示 - 指出敏感操作风险:访问数据库凭证、写备份到本地、执行用户 SQL - 强调仅在受信任环境、使用最小权限账户,并注意备份文件安全 - 其他内容未变
v1.0.0
zh_CN: v1.0.0 - 初始发布 核心功能 - 🔍 数据库查询(SELECT/INSERT/UPDATE/DELETE) - 📊 表结构查看(\d, \dt 等 psql 命令) - 💾 自动备份(保留 7 天) - 📁 CSV 导出 - 🔎 pgvector 向量相似度搜索 - 📈 性能监控(连接数/慢查询/锁) 包含脚本 - `db_query.sh` - SQL 查询工具 - `db_backup.sh` - 自动备份脚本 - `db_export_csv.sh` - CSV 导出工具 安全特性 - 密码使用环境变量(.env 文件) - 支持 ~/.pgpass 免密登录 - 无硬编码敏感信息 适用场景 - 生产环境数据库运维 - AI 应用向量查询 - 数据导出/备份 - 性能问题排查 配置示例 (.env 文件) ```bash DB_HOST=your-db-host.example.com DB_PORT=5432 DB_NAME=your_database DB_USER=your_user DB_PASSWORD=your_password en_US: v1.0.0 - Initial Release Core Features - 🔍 Database Query (SELECT/INSERT/UPDATE/DELETE) - 📊 Table Schema Inspection (\d, \dt, and other psql commands) - 💾 Automated Backup (7-day retention) - 📁 CSV Export - 🔎 pgvector Vector Similarity Search - 📈 Performance Monitoring (connections/slow queries/locks) Included Scripts - `db_query.sh` - SQL query tool - `db_backup.sh` - Automated backup script - `db_export_csv.sh` - CSV export tool Security Features - Password via environment variables (.env file) - Supports ~/.pgpass for passwordless login - No hardcoded sensitive information Use Cases - Production database operations - AI application vector queries - Data export/backup - Performance troubleshooting ## Configuration Example (.env file) bash DB_HOST=your-db-host.example.com DB_PORT=5432 DB_NAME=your_database DB_USER=your_user DB_PASSWORD=your_password
元数据
Slug postgresql-db
版本 1.0.3
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 4
常见问题

PostgreSQL Database 是什么?

PostgreSQL 数据库操作技能。支持连接管理、表结构查询、CRUD 操作、备份恢复、pgvector 向量查询。使用 psql 命令行工具,适合生产环境数据库运维和开发查询。 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 218 次。

如何安装 PostgreSQL Database?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install postgresql-db」即可一键安装,无需额外配置。

PostgreSQL Database 是免费的吗?

是的,PostgreSQL Database 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

PostgreSQL Database 支持哪些平台?

PostgreSQL Database 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 PostgreSQL Database?

由 callxor(@callxor)开发并维护,当前版本 v1.0.3。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论