Native Airtable
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A broadly scoped token could let the agent retrieve sensitive Airtable business, customer, or project records during normal use.
The skill requires an Airtable personal access token with schema and record read permissions; if the user grants access to all bases, the agent can read data from every base covered by that token.
Add scopes: - `data.records:read` - `schema.bases:read` ... Under **Access**, select which bases to grant access to (or all)
Create a dedicated Airtable PAT with only the listed read-only scopes and grant it access only to the specific bases needed; revoke or rotate it when no longer needed.