lovenervermore

Sql Audit

Author: LoveNerverMore · GitHub · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
Total downloads: 239 · Favorites: 0 · Current installs: 1 · Versions: 1
Install in OpenClaw:
/install sql-audit
Description
SQL syntax and security audit; it actually executes the SQL and returns the resulting data.
Safe-use recommendations
This skill will actually run SQL against whatever database credentials you provide and may call an external LLM (Gemini) if configured. Before installing or running it:
- Don't supply high-privilege DB credentials. Create and use a dedicated, read-only DB user limited to the minimal schemas/tables needed.
- Verify how you will provide credentials: the code expects DB_DSN or an explicit db_dsn input, but SKILL.md lists DB_HOST/DB_USER/etc. Fix this mismatch and test in a safe environment.
- Be aware that index.js loads ../.env (the parent .env). That can leak other project secrets into the skill; store DB/GEMINI credentials in a separate, minimal .env for the skill or avoid using a project-wide .env.
- The skill may make outbound HTTP calls (Gemini) using GEMINI_API_URL/GEMINI_API_KEY/GEMINI_TOKEN. Only provide tokens that are scoped and revocable.
- Review the included sql_audit.py code (especially the parts that build and send LLM requests, and the error handling) before use. Run the skill in an isolated environment or against a staging DB first.
- If you cannot review the code or control the DB credentials and network egress, do not install or run this skill.
I rated this 'suspicious' (not 'malicious') because many behaviors are reasonable for an SQL execution/audit tool, but the undocumented env usage, .env loading from the project root, and the mismatch between docs and runtime make it unclear and potentially dangerous without careful configuration and review.
Functional analysis
Type: OpenClaw Skill
Name: sql-audit
Version: 1.0.0
The skill bundle is classified as suspicious due to a significant discrepancy between its documentation and implementation, alongside high-risk credential handling. While SKILL.md claims the tool performs security auditing and intercepts write operations or full table scans, the actual code in sql_audit.py and index.js lacks these safeguards and executes raw SQL directly. Furthermore, the code contains a hardcoded JWT token and directs LLM requests to a specific IP address (47.77.199.56) instead of a standard API endpoint, which could facilitate data interception or unauthorized access.
Capability assessment
Purpose & Capability
The skill's stated purpose is to audit and actually execute SQL against StarRocks/Doris. Executing SQL requires database credentials, which the code uses, so that part is coherent. However, SKILL.md lists DB_HOST/DB_PORT/DB_USER/DB_PASSWORD/DB_NAME as .env keys while the runtime (index.js / python) prefers a single DB_DSN environment variable or an explicit db_dsn input. The registry metadata also declared no required env vars, which is inconsistent with both the code and the README.
Instruction Scope
The instructions and implementation perform real SQL execution (expected) but also read configuration from a parent .env file (index.js loads ../.env) which can expose unrelated secrets to the skill. The skill may call an external LLM (Gemini) for fallback candidate generation using GEMINI_API_* envs. The code will execute arbitrary SQL provided to it (or from candidates), so callers must ensure those queries are safe and that the DB credentials have minimal privileges.
Install Mechanism
No install spec is provided (lower install risk), but the package includes two code files (index.js and sql_audit.py) and has runtime Python dependencies (pymysql, httpx) that are not documented in a package install step. The absence of declared dependency installation means runtime failures or implicit dependency pulls are possible.
Credentials
The skill requires database credentials and optionally Gemini API keys/tokens to function, but the registry metadata declared no required env vars. Worse, index.js loads ../.env (project root) into process.env, potentially exposing unrelated secrets stored there to the skill and to the spawned Python process. The discrepancy between documented .env keys and actual code (DB_HOST vs DB_DSN) is confusing and risky.
Persistence & Privilege
The skill does not request always:true and does not modify other skills' configs. It runs as an invoked skill (normal privilege). There is no evidence it persists beyond its execution footprint.
How to use
  1. Make sure OpenClaw is installed (locally or via Docker).
  2. Type the install command in the chat box: /install sql-audit
  3. After installation, call the skill by name directly or trigger it with /sql-audit
  4. Provide the required inputs according to the skill's parameter description to receive structured output
Version history
v1.0.0
sql-audit v1.0.2
- Added static audit of SQL syntax and security, including interception of full table scans, write operations, and illegal cross-database joins.
- Supports real connections to StarRocks/Doris databases, executing SQL and returning data results.
- Input supports multiple candidate SQL statements together with the user's original query; returns data, row count, execution status, retry suggestions, and more.
- Output includes success status, query data, result row count, retry suggestions, and simplified metric candidates.
- Documentation details dependencies and how to run the skill standalone.
Metadata
Slug: sql-audit
Version: 1.0.0
License: MIT-0
Total installs: 1
Current installs: 1
Number of versions: 1
FAQ

What is Sql Audit?

SQL syntax and security audit that actually executes the SQL and returns the resulting data. It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 239 downloads to date.

How do I install Sql Audit?

Run the command "/install sql-audit" in the OpenClaw or Claude Code chat box to install it in one step; no extra configuration is needed.

Is Sql Audit free?

Yes, Sql Audit is completely free under the MIT-0 license and can be downloaded, installed, and used freely.

Which platforms does Sql Audit support?

Sql Audit is cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed.

Who developed Sql Audit?

Developed and maintained by LoveNerverMore (@lovenervermore); current version v1.0.0.
