Pipeworx cfpb
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Your CFPB search terms and requests may be sent to the Pipeworx MCP gateway.
The skill routes its MCP tool use through a third-party hosted gateway. This is aligned with the stated CFPB lookup purpose, but it means user queries and returned data pass through that external service boundary.
"url": "https://gateway.pipeworx.io/cfpb/mcp"
Use it for non-sensitive CFPB research queries, and review Pipeworx's trust/privacy posture if your searches are confidential.
You are trusting the hosted MCP endpoint rather than locally reviewed code.
The artifacts do not include source code or a project homepage for the hosted MCP service. This is not suspicious by itself, but it limits independent review of the remote server implementation.
Source: unknown; Homepage: none; No code files present — this is an instruction-only skill.
Prefer this skill when you are comfortable relying on the Pipeworx-hosted service; avoid sending sensitive search context unless you trust that provider.