ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Native Airtable

v0.1.0

Read Airtable bases, tables, and records directly via the Airtable API. Use when you need spreadsheet/database data from Airtable. Calls api.airtable.com dir...

2· 545·1 current·1 all-time
by@codeninja23
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the included CLI script and required env var. The skill only needs python3 and an Airtable PAT (AIRTABLE_PAT) to call api.airtable.com, which is exactly what a native Airtable reader should require.
Instruction Scope
SKILL.md instructs the agent to set AIRTABLE_PAT and run the provided script under /mnt/skills/user/.... The script only reads AIRTABLE_PAT, makes HTTPS calls to api.airtable.com, and prints responses to stdout. It does not read other system files, config paths, or send data to external endpoints beyond api.airtable.com.
Install Mechanism
No install spec is provided (instruction-only with a bundled script) and the only runtime dependency is python3. No downloads, package installs, or third-party installers are requested.
Credentials
The skill declares a single required environment variable AIRTABLE_PAT (also primaryEnv). That matches the functionality and is proportionate; no unrelated secrets or multiple credentials are requested.
Persistence & Privilege
The skill is not forced as always:true and is user-invocable. It does not attempt to modify other skills or system-wide settings. Autonomous invocation remains possible (platform default) but is not combined with any extra privileges.
Assessment
This skill appears to do exactly what it claims: call api.airtable.com using a Personal Access Token (AIRTABLE_PAT) and print results. Before installing, consider: - Use a least-privilege PAT (scopes data.records:read and schema.bases:read and limit the bases it can access). If possible create a token that only covers the bases the agent must read. - The script prints record data to stdout; anything the agent does with that output (logging, forwarding) is your responsibility. Don’t provide a PAT that exposes unrelated sensitive bases. - The code has minor correctness issues (search formula formatting and fields handling) and does not sanitize user-supplied formula/query strings — avoid running untrusted queries if you’re worried about unexpected Airtable formula behavior. - If the PAT is ever exposed or you stop using the skill, revoke the token in your Airtable account. Overall this skill is internally consistent and low-risk, but follow standard secret-management practices and review output handling in your agent environment.

Like a lobster shell, security has layers — review code before you run it.

latestvk97e3s2df3wz20zfqvaxfvt62h81rveg

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Binspython3
EnvAIRTABLE_PAT
Primary envAIRTABLE_PAT

Comments