MySQLClaw Skill v1.0.6
The MySQLClaw skill provides a security-hardened interface for managing user data, personas, and configuration snapshots within a MySQL database, specifically designed for OpenClaw agents.
Capability Scope
This skill requires only MySQL database credentials (MYSQL_USER, MYSQL_PASSWORD, MYSQL_HOST, MYSQL_PORT). It does not require, request, or use wallet access, cryptocurrency keys, blockchain-related capabilities, financial transaction systems, or payment processing APIs. The skill's secret-redaction patterns include Stripe key detection purely as a defensive measure to prevent accidental storage of third-party secrets — it does not interact with Stripe or any payment system.
Dependencies
| Requirement | Install Command |
|---|---|
| MySQL client (mysql >= 8.0) | Debian/Ubuntu: sudo apt install default-mysql-client · RHEL: sudo yum install mysql · macOS: brew install mysql-client |
| OpenSSL | Usually pre-installed. Verify with openssl version |
| Bash >= 4.0 | Required for associative arrays and modern features |
| Perl | Required for sanitize_snapshot.sh regex engine (usually pre-installed) |
Required Environment Variables
| Variable | Description |
|---|---|
MYSQL_USER | Dedicated least-privilege MySQL account (see setup below) |
MYSQL_PASSWORD | Password for the MySQL account |
MYSQL_HOST | MySQL server hostname (default: localhost) |
MYSQL_PORT | MySQL server port (default: 3306) |
Security Note: Passwords are never passed on the command line. All MySQL connections use a temporary
--defaults-extra-filewithchmod 600that is deleted viatrap EXIT-- even on failure.
Security Architecture
1. Credential Handling
- Passwords are never exposed on the command line or in process listings.
- A temporary credentials file (
/tmp/.mysqlclaw_XXXXXX.cnf) is created withchmod 600, used for the connection, and deleted viatrap EXIT-- guaranteed cleanup even onset -efailure. - The setup wizard uses
read -spso the password is not echoed to the terminal.
2. SQL Execution Safety (sql_safe_exec.sh)
All SQL is routed through the sql_safe_exec.sh wrapper which enforces:
| Control | Behavior |
|---|---|
| Multi-statement rejection | Input containing semicolons is rejected outright -- one statement at a time only |
| DDL blocking | DROP, TRUNCATE, ALTER, CREATE are rejected anywhere in the input |
| DML confirmation | INSERT, UPDATE, DELETE, REPLACE trigger interactive confirmation |
| Path traversal prevention | SQL referencing .ssh, /etc/, /home/*/.env, .gnupg, .aws, .config is blocked |
| Database restriction | USE statements are only allowed for the mysqlclaw database |
| Input sanitization | Single quotes are escaped; identifiers are validated against strict regex |
| Trap-based cleanup | Credentials file is removed on ANY exit via trap EXIT |
3. Script Execution (exec_script)
custom_mysql exec_script --file path.sqlroutes all statements throughsql_safe_exec.sh.- Each statement is executed individually through the single-statement wrapper.
- Multi-statement lines are rejected; scripts must contain one statement per line.
- DML statements require interactive confirmation; DDL is blocked.
- Only bundled/reviewed SQL scripts included in this skill directory should be executed.
4. Snapshot Security
- Secret redaction:
sanitize_snapshot.shuses Perl-compatible regex to redact API keys, tokens, passwords, private keys, Stripe keys (sk_live_*), and GitHub tokens (ghp_*) before storage. - Path whitelist: Only files matching patterns in
allowed_snapshot_pathsmay be snapshotted. - Untrusted by default: All snapshots are marked
is_trusted = 0until verified by a user. - Retention policy: Snapshots older than 30 days are auto-purged via MySQL event. Manual purge:
CALL sp_purge_snapshots(30);
5. Input Validation
- Database names, usernames, and identifiers are validated against
^[a-zA-Z_][a-zA-Z0-9_]{0,63}$. - No
evalis used anywhere in the skill.
Installation
cp -r custom_mysql /home/noodly/.openclaw/workspace/skills/
cd /home/noodly/.openclaw/workspace/skills/custom_mysql
./setup_wizard.sh
Creating a Least-Privilege MySQL User
CREATE USER 'mysqlclaw'@'localhost' IDENTIFIED BY 'strong_random_password';
GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, ALTER, INDEX, EVENT, EXECUTE
ON mysqlclaw.* TO 'mysqlclaw'@'localhost';
FLUSH PRIVILEGES;
Do not use a root or admin account.
Commands
| Command | Description |
|---|---|
./setup_wizard.sh | Interactive setup wizard |
./sql_safe_exec.sh "SQL" | Execute a single SQL statement with all safety controls |
./sanitize_snapshot.sh <file> | Redact secrets from a file |
custom_mysql query "SQL" | Agent-facing read-only query interface |
custom_mysql exec_script --file path.sql | Execute a reviewed SQL script |
Changelog
See changelog.md for full version history.