wordbricks/onequery-openclaw
packages/openclaw-plugin/skills/onequery-cli/SKILL.md
Use OpenClaw's exec tool to inspect orgs, sources, and run bounded read-only SQL through the OneQuery CLI directly.
$ install --global
skillsauthnpx skillsauth add wordbricks/onequery onequery-openclawInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 24, 2026, 6:20 AM351.9s1 file scanned
SKILL.md
- name:
- onequery-openclaw
- description:
- Use OpenClaw's exec tool to inspect orgs, sources, and run bounded read-only SQL through the OneQuery CLI directly.
- metadata:
- {"openclaw":{"requires":{"bins":["onequery"]},"homepage":"https://github.com/wordbricks/onequery"}}
Use this skill when the user wants company or customer data that should be read through OneQuery-managed access, or when you need to resolve org and source context before a bounded query.
Use OpenClaw's exec tool to run the onequery CLI directly. Prefer
--json so the result stays structured.
Use these commands in this order:
onequery auth whoami --jsononequery org current --jsonoronequery org list --json --page-size 25onequery source list --org <org> --json --page-size 25onequery source show <source> --org <org> --jsononequery query validate --org <org> --source <source> --json --sql '<sql>' --max-rows 100 --max-bytes 1048576 --cell-max-chars 2000 --timeout-ms 60000onequery query exec --org <org> --source <source> --json --sql '<sql>' --max-rows 100 --max-bytes 1048576 --cell-max-chars 2000 --timeout-ms 60000
Rules:
- Always pass an explicit
--orgto org-scoped source and query commands. - Prefer
query validatebeforequery execfor unfamiliar SQL or provider dialects. - Start with
select 1, a row count, or a bounded aggregate before wide row dumps. - Keep reads aggressively bounded with
--max-rows,--max-bytes,--cell-max-chars, and small page sizes. query execsupports--page-size,--cursor, and--page-all;query validatedoes not.- Only run read-only SQL. Reject obviously mutating statements instead of executing them.
- Treat informal source names as aliases to resolve, not literal source keys.
- Use shell-safe argument construction. Do not pass user text through shell operators, command substitution, or chained commands.
- For long or quote-heavy SQL, write it to a temporary UTF-8 file and use
--file <path>instead of forcing brittle shell escaping. - If
onequeryis unavailable, ask the operator to install it or expose it onPATH. - If
execruns under restrictive approval or allowlist policy, ask the operator to allow the resolvedonequerybinary or enable skill-bin auto-allow. - In your final answer, report the org, source, and any request id returned by the CLI.
Recovery:
- Auth issues: rerun
onequery auth whoami --json, then ask the user to refresh the OneQuery CLI session if needed. - Org ambiguity:
onequery org list --json --page-size 25 - Source ambiguity:
onequery source list --org <org> --json --page-size 25, thenonequery source show <source> --org <org> --json - SQL shape issues:
onequery query validate ...
Related Skills
openclaw/taskflow
tools
VerifiedTrustedCommunity
Use when work should span one or more detached tasks but still behave like one job with a single owner context. TaskFlow is the durable flow substrate under authoring layers like Lobster, ACPX, plugins, or plain code. Keep conditional logic in the caller; use TaskFlow for flow identity, child-task linkage, waiting state, revision-checked mutations, and user-facing emergence.
357,764SKILL.mdUpdated Apr 10, 2026
openclaw/extensions/lobster
tools
VerifiedTrustedCommunity
# Lobster Lobster executes multi-step workflows with approval checkpoints. Use it when: - User wants a repeatable automation (triage, monitor, sync) - Actions need human approval before executing (send, post, delete) - Multiple tool calls should run as one deterministic operation ## When to use Lobster | User intent | Use Lobster? | | ------------------------------------------------------ | --------------------------
357,764SKILL.mdUpdated Apr 10, 2026
steipete/extensions/lobster
tools
VerifiedTrustedCommunity
# Lobster Lobster executes multi-step workflows with approval checkpoints. Use it when: - User wants a repeatable automation (triage, monitor, sync) - Actions need human approval before executing (send, post, delete) - Multiple tool calls should run as one deterministic operation ## When to use Lobster | User intent | Use Lobster? | | ------------------------------------------------------ | --------------------------
357,588SKILL.mdUpdated Apr 13, 2026
steipete/xurl
tools
VerifiedTrustedCommunity
A CLI tool for making authenticated requests to the X (Twitter) API. Use this skill when you need to post tweets, reply, quote, search, read posts, manage followers, send DMs, upload media, or interact with any X API v2 endpoint.
356,423SKILL.mdUpdated Apr 13, 2026