Skill v1.0.0

ClawScan security

Pipeworx nominatim · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 6, 2026, 7:04 PM

Verdict: Benign
Confidence: high
Model: gpt-5-mini
Summary
The skill is internally consistent with its description (a simple Nominatim wrapper that uses curl and a Pipeworx gateway) and requests no credentials, but it will transmit location queries to a third‑party gateway and suggests running an npx command (which executes remote code) — review privacy and execution risk before use.
Guidance
This skill is a thin wrapper that forwards geocoding queries to Pipeworx's gateway (https://gateway.pipeworx.io). Before installing or using it, consider: (1) privacy — address strings and coordinates are potentially sensitive PII and will be sent to a third party (review Pipeworx's privacy policy and audit their gateway if this matters); (2) authenticity — the gateway is not the official OpenStreetMap Nominatim server, so responses may differ and you should verify TLS/certificate and trustworthiness; (3) optional setup risk — the SKILL.md suggests running npx mcp-remote@latest, which would execute code fetched from the npm registry (avoid running it unless you trust the package and its source); and (4) rate limits and terms — Nominatim usage policies apply, and the gateway claims to enforce them but you should confirm behavior for bulk or sensitive requests.

Review Dimensions

Purpose & Capability
ok · Name and description match the runtime instructions: the SKILL.md shows the agent calling a Pipeworx gateway to perform forward/reverse geocoding. The only required binary is curl, which is appropriate for making HTTP calls.
Instruction Scope
note · Instructions direct requests to https://gateway.pipeworx.io/nominatim/mcp (a third‑party gateway) rather than directly to nominatim.openstreetmap.org. This is coherent with the skill's purpose but means user-provided addresses/coordinates are sent off‑host; the SKILL.md also includes an example setup that runs npx to fetch mcp-remote, which would execute remote code if the user follows it.
Install Mechanism
ok · No install spec is present (instruction-only), so nothing is written to disk by default. The only install-like action appears in an optional setup snippet that uses npx to run mcp-remote@latest; that is not required by the skill but carries the usual risks of executing a remote package if run.
Credentials
ok · The skill requests no environment variables, credentials, or config paths. That is proportional to its function as a simple HTTP-based wrapper to a geocoding service.
Persistence & Privilege
ok · The skill is not always-enabled and does not ask to modify agent/system configuration. It does not request elevated persistence or access to other skills' credentials.