Airtable
PassAudited by ClawScan on May 1, 2026.
Overview
This is a disclosed Airtable integration that uses a Maton API key and managed OAuth to read and modify Airtable data, with write actions requiring user approval.
Install this only if you trust Maton to broker Airtable access. Keep the MATON_API_KEY private, connect the correct Airtable account, and carefully review any proposed create, update, or delete operation before approving it.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If approved, the agent can change or delete Airtable records in the connected account.
The skill can perform high-impact Airtable write operations, including updates and deletes, but it discloses this capability and requires explicit user confirmation.
Manage bases, tables, and records with full CRUD operations. ... All write operations require explicit user approval. Before executing any create, update, or delete call, confirm the target resource and intended effect with the user.
Before approving write actions, verify the exact base, table, records, and intended effect; consider backups or Airtable revision history for important data.
Anyone or any agent with the Maton API key may be able to use the connected Airtable permissions exposed through this integration.
The skill relies on a Maton API key and delegated OAuth access to act against the user’s Airtable account, which is expected for this integration but sensitive.
Access the Airtable API with managed OAuth authentication. ... Authorization: Bearer $MATON_API_KEY ... Maton proxies requests to `api.airtable.com` and automatically injects your OAuth token.
Keep the MATON_API_KEY secret, connect only the intended Airtable account, and revoke the Maton/Airtable connection if access is no longer needed.
Airtable record contents, queries, and metadata sent through the skill may be visible to or processed by Maton as the proxy provider.
Airtable requests and responses pass through Maton’s API gateway before reaching Airtable, creating a third-party data flow that users should understand.
Base URL: https://api.maton.ai/airtable/{native-api-path} ... Maton proxies requests to `api.airtable.com` and automatically injects your OAuth token.Use this only for Airtable data you are comfortable routing through Maton, and review Maton’s account, connection, and privacy settings.