Palantir Foundry CLI
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: pltr-cli Version: 1.0.1 The OpenClaw AgentSkills skill bundle for `pltr-cli` is benign. It provides comprehensive documentation and example scripts for interacting with Palantir Foundry, covering administrative tasks, data operations, and pipeline management. All commands and scripts are focused on legitimate `pltr-cli` functionality, such as listing/creating resources, executing SQL queries, managing permissions, and exporting data to local files. There is no evidence of intentional harmful behavior, data exfiltration to unauthorized endpoints, malicious execution, persistence mechanisms, or prompt injection attempts against the AI agent to deviate from its stated purpose.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If installed and used with a privileged token, the agent can act as the user's Foundry identity, potentially including production or admin access.
The skill instructs use of Foundry tokens and named profiles, including production, even though the registry metadata declares no primary credential or required env vars.
export FOUNDRY_TOKEN="your-token" export FOUNDRY_HOST="foundry.company.com" ... pltr <command> --profile production
Use a least-privilege token and a non-production profile by default; declare the required credential/binary in metadata and require explicit user approval before using privileged profiles.
A mistaken or overly autonomous invocation could permanently delete business resources or make other high-impact Foundry changes.
The skill documents irreversible resource deletion and shows an example using --force, which bypasses confirmation.
pltr resource permanently-delete RESOURCE_RID [--force] # WARNING: This action is irreversible! # Example pltr resource permanently-delete ri.foundry.main.dataset.abc123 --force
Require explicit confirmation for deletes, permission changes, stream resets, publishes, and admin actions; avoid --force/--confirm unless the user specifically asks for it.
The package install is expected for this skill, but users must trust the external pltr-cli package and its dependencies.
The skill relies on an external CLI package installed from PyPI, but the skill has no install spec or pinned dependency information.
pip install pltr-cli # Or with pipx (isolated) pipx install pltr-cli
Install with pipx or a controlled virtual environment, pin reviewed versions, and verify the package source before use.
Agent session exports or LLM-related commands could expose sensitive conversation metadata or content if run without care.
The skill can enumerate and export AIP Agent conversation sessions, which may contain sensitive agent-session data.
### Export Session History
pltr aip-agents sessions list ri.foundry.main.agent.abc123 \
--all \
--format json \
--output all-sessions.jsonOnly export agent sessions or send text to language-model features when the user has confirmed the data is allowed to leave its current context.