Dataview
PassAudited by ClawScan on May 1, 2026.
Overview
This appears to be a local data-operation logbook, not an exfiltration tool, but it saves whatever is entered into local log files.
Install only if you want a local logbook for data-operation notes. Do not paste secrets or sensitive datasets into the commands unless you are comfortable with them being stored under ~/.local/share/dataview, and verify the installed dataview command matches the reviewed script.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Data names, query text, or pasted snippets may remain on disk after use and could be resurfaced later.
User-provided operation text is persisted in local log files and can later be searched, viewed, or exported.
DATA_DIR="${HOME}/.local/share/dataview" ... echo "$ts|$input" >> "$DATA_DIR/query.log"Avoid entering secrets or sensitive records unless you want them stored locally; periodically review or delete ~/.local/share/dataview if needed.
Users may need to verify how the dataview command is installed and ensure it points to the reviewed script.
The skill documents a dataview CLI and includes a Bash script, but the registry does not define an install mechanism for that command.
No install spec — this is an instruction-only skill.
Install only from the listed source or reviewed artifact, and confirm the dataview command resolves to the expected local script.
A user expecting live CSV/JSON analysis may instead get persistent logs of requested operations.
The broader registry wording may sound like an actual CSV/JSON query engine, while the artifacts mainly show a local operation tracker that records entries.
Description: Explore CSV and JSON files with quick queries, filters, and aggregation.
Treat this as a lightweight local tracking/logging utility unless additional reviewed functionality is provided.