Pipeworx ashby
Advisory
Audited by VirusTotal on Apr 22, 2026.
Overview
Type: OpenClaw Skill
Name: pipeworx-ashby
Version: 1.0.0
The skill bundle provides a standard Model Context Protocol (MCP) interface for the Ashby Applicant Tracking System (ATS). It defines functions for managing candidates, jobs, and applications, and points to a remote MCP server at gateway.pipeworx.io. No malicious code, obfuscation, or harmful prompt injection attempts were found in SKILL.md or _meta.json.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Candidate resumes, contact details, and interview history could be exposed to a third-party gateway or accessed more broadly than intended if the MCP server is misconfigured or over-permissioned.
The skill routes access to highly sensitive ATS candidate data through an external MCP gateway, but the artifacts do not explain identity, authorization, retention, logging, or data-boundary controls for that gateway.
"Get full candidate profile by ID. Returns contact info, resume, interview history" ... "url": "https://gateway.pipeworx.io/ashby/mcp"
Only use this after verifying the Pipeworx gateway’s authorization model, data handling policy, and tenant isolation, and limit requests to specific candidate or job records the user explicitly needs.

The agent may access ATS records under an unclear account or delegated permission set, which can make auditing and least-privilege control difficult.
The skill is described as accessing Ashby ATS data, but the metadata declares no credential or permission contract, leaving unclear whose Ashby privileges are used and what scope is granted.
Required env vars: none; Env var declarations: none; Primary credential: none
Require clear authentication documentation before installation, including which Ashby account or token is used, what scopes are granted, and how access can be revoked.

You cannot verify from these artifacts what code runs behind the remote MCP server or how it handles Ashby data.
The reviewed package contains only instructions and a remote MCP endpoint, so the actual server-side implementation handling ATS data is outside the provided artifacts.
Source: unknown; Homepage: none; No code files present — this is an instruction-only skill.
Confirm the publisher, review any available Pipeworx/Ashby integration documentation, and prefer a version with clear provenance and data-processing terms.
