npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@kansodata/openclaw-databricks-plugin

v0.1.2

Published

External Databricks read-only SQL plugin for OpenClaw.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

kansodatakansodata

Keywords

Readme

OpenClaw Databricks Plugin

External OpenClaw plugin for conservative Databricks SQL access.

Requirements:

  • OpenClaw host version >= 2026.4.2
  • Plugin entry key: plugins.entries.databricks

This package provides:

  • Runtime tool: databricks_sql_readonly
  • Skill pack: databricks
  • Read-only SQL execution only (SELECT or WITH ... SELECT)

Why this plugin

This plugin is built for secure, production-minded Databricks usage inside OpenClaw.

Key differentiators:

  • Real OpenClaw code plugin, not only an instruction pack
  • Conservative read-only SQL scope
  • Explicit compatibility metadata for OpenClaw plugin packaging
  • Fail-closed validation model
  • Reduced attack surface compared with broad operational connector patterns
  • Clear separation between supported execution paths and unsupported requests

Security posture

This plugin intentionally limits scope to safer Databricks workflows:

  • Supports single SELECT
  • Supports single WITH ... SELECT
  • Blocks mutating SQL operations
  • Blocks multi-statement execution
  • Supports optional catalog/schema allowlists
  • Rejects ambiguous target resolution when allowlists are enforced

This design is intentional. The goal is not maximum surface area. The goal is safer, more predictable Databricks access for OpenClaw deployments.

Who this is for

Use this plugin if you want:

  • safer Databricks SQL access in OpenClaw
  • a real plugin artifact instead of only textual instructions
  • controlled enterprise usage patterns
  • reduced operational risk
  • compatibility-aware plugin packaging

Install

Preferred:

openclaw plugins install @kansodata/openclaw-databricks-plugin

Source-specific:

openclaw plugins install clawhub:@kansodata/openclaw-databricks-plugin
openclaw plugins install npm:@kansodata/openclaw-databricks-plugin

OpenClaw checks ClawHub first for bare package installs, then falls back to npm.

Configure

{
  "plugins": {
    "entries": {
      "databricks": {
        "enabled": true,
        "config": {
          "host": "https://dbc-example.cloud.databricks.com",
          "token": "dapi...",
          "warehouseId": "abc123",
          "readOnly": true
        }
      }
    }
  }
}

Restart gateway after configuration changes.

For real execution, host, token, and warehouseId are required.

Configuration Fields

Required:

  • host
  • token
  • warehouseId

Optional:

  • timeoutMs (default 30000)
  • retryCount (default 1, range 0..3)
  • pollingIntervalMs (default 1000)
  • maxPollingWaitMs (default 30000)
  • allowedCatalogs (default [])
  • allowedSchemas (default [])
  • readOnly (must stay true)

Environment fallbacks:

  • DATABRICKS_HOST
  • DATABRICKS_TOKEN
  • DATABRICKS_WAREHOUSE_ID
  • DATABRICKS_READ_ONLY

Security and Hardening

  • Fail-closed host validation:
    • HTTPS only
    • No path/query/fragment/userinfo/custom port
    • No localhost/IP literals
    • Hostname must match Databricks suffixes (*.cloud.databricks.com, *.azuredatabricks.net, *.gcp.databricks.com)
  • Token and sensitive values are redacted in runtime logs and normalized error output.
  • SQL policy is read-only and blocks mutating keywords and multi-statement input.
  • Allowlists are enforced conservatively:
    • If targets cannot be resolved safely, request is rejected.
    • Ambiguous target syntax is rejected when allowlists are configured.
    • catalog and schema request parameters do not bypass SQL target checks.

Runtime Behavior

databricks_sql_readonly:

  • Submits SQL via Databricks SQL Statements API.
  • Polls statement status until a terminal state or timeout budget exhaustion.
  • Treats SUCCEEDED as success.
  • Treats FAILED / CANCELED as explicit failures.
  • Uses retryCount for transient submit and poll failures (429, 408, 5xx, and timeout aborts).

Scope Limits

Out of scope in this version:

  • Jobs API execution
  • Unity Catalog lineage APIs
  • Any mutating SQL support

Publish Notes

This package is intended for external distribution (ClawHub/npm), not bundled OpenClaw core.

External Publish Workflow

  1. Validate locally:
pnpm install
pnpm lint
pnpm typecheck
pnpm test
npm pack --dry-run
  1. Publish to npm (when credentials are configured):
npm publish --access public
  1. Publish/list in ClawHub according to the ClawHub submission flow for external plugins.