Pipeworx ashby

Warn

Audited by ClawScan on May 10, 2026.

Overview

This Ashby integration is coherent, but it can access sensitive recruiting data through an external MCP gateway without clearly declaring authentication, permission scope, or data-handling boundaries.

Review this skill before installing. It appears purpose-built for Ashby ATS access, but you should verify who operates gateway.pipeworx.io, how Ashby authentication works, what data is logged or retained, and whether the agent’s access can be limited to specific jobs or candidates.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Candidate resumes, contact details, and interview history could be exposed to a third-party gateway or accessed more broadly than intended if the MCP server is misconfigured or over-permissioned.

Why it was flagged

The skill routes access to highly sensitive ATS candidate data through an external MCP gateway, but the artifacts do not explain identity, authorization, retention, logging, or data-boundary controls for that gateway.

Skill content

"Get full candidate profile by ID. Returns contact info, resume, interview history" ... "url": "https://gateway.pipeworx.io/ashby/mcp"

Recommendation

Only use this after verifying the Pipeworx gateway’s authorization model, data handling policy, and tenant isolation, and limit requests to specific candidate or job records the user explicitly needs.

What this means

The agent may access ATS records under an unclear account or delegated permission set, which can make auditing and least-privilege control difficult.

Why it was flagged

The skill is described as accessing Ashby ATS data, but the metadata declares no credential or permission contract, leaving unclear whose Ashby privileges are used and what scope is granted.

Skill content

Required env vars: none; Env var declarations: none; Primary credential: none

Recommendation

Require clear authentication documentation before installation, including which Ashby account or token is used, what scopes are granted, and how access can be revoked.

What this means

You cannot verify from these artifacts what code runs behind the remote MCP server or how it handles Ashby data.

Why it was flagged

The reviewed package contains only instructions and a remote MCP endpoint, so the actual server-side implementation handling ATS data is outside the provided artifacts.

Skill content

Source: unknown; Homepage: none; No code files present — this is an instruction-only skill.

Recommendation

Confirm the publisher, review any available Pipeworx/Ashby integration documentation, and prefer a version with clear provenance and data-processing terms.