Skill v1.0.0

ClawScan security

MongoDB Atlas · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 11, 2026, 9:46 AM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill is internally consistent with its stated purpose (browsing an included Atlas OpenAPI spec and optionally calling the Atlas Admin API using service-account credentials); required binaries and env vars make sense, there is no remote install or obfuscated code, and the runtime scripts contain clear safety prompts for state-changing calls.
Guidance
This skill is coherent with its description: it bundles the Atlas OpenAPI spec and provides Node scripts to browse the spec and (if you provide ATLAS_CLIENT_ID and ATLAS_CLIENT_SECRET) make live API calls. Before installing or using it, consider:

- The tool will perform network calls to your Atlas endpoint and will exchange your service-account credentials for an access token (expected for this purpose). The client secret is used only for the token request and is not stored by the skill.
- A token cache (access_token and expiry) is written to ~/.openclaw/.cache/mongodb-atlas/token.json; if you share the machine, remove that file when finished or run clearCachedToken if needed.
- State-changing HTTP methods (POST/PUT/PATCH/DELETE) require explicit approval in the script, and SKILL.md recommends always using --dry-run first. Do not run with --yes in automation unless you intentionally want destructive actions.

If you trust the source and will only use it as a read-only spec browser, you can omit setting the Atlas credentials. If you plan to run live calls, provide service-account credentials with least privilege (a service account scoped only to the projects/operations you intend to use).

Review Dimensions

Purpose & Capability
Status: ok
Name/description match the contents: the package includes a full Atlas OpenAPI spec and two Node scripts — one for browsing the spec and one for making API calls. Requiring `node` and Atlas service account credentials (ATLAS_CLIENT_ID, ATLAS_CLIENT_SECRET) is appropriate for this functionality.
Instruction Scope
Status: note
SKILL.md instructs the agent to run local Node scripts that only read the bundled OpenAPI spec and, when credentials are present, perform live HTTP calls to MongoDB Atlas. The runtime scripts are explicit about when they will modify resources and require interactive approval for POST/PUT/PATCH/DELETE. Note: atlas-call.mjs also reads/writes a local token cache and can use optional env vars (ATLAS_GROUP_ID, ATLAS_API_BASE_URL) not listed as required; these are reasonable but should be noted.
Install Mechanism
Status: ok
No install step or external downloads are used — this is instruction-plus-local-code only. All included files are present in the bundle (large OpenAPI JSON and two scripts). No remote installers, URL downloads, or archives are present.
Credentials
Status: note
The two required env vars (ATLAS_CLIENT_ID, ATLAS_CLIENT_SECRET) are appropriate for obtaining OAuth tokens via the client-credentials flow. The scripts additionally accept optional ATLAS_GROUP_ID and ATLAS_API_BASE_URL (documented in the script), but these were not declared as required — this is low-risk but worth documenting. The skill does not request unrelated credentials.
Persistence & Privilege
Status: note
The client caches the OAuth access token to disk under ~/.openclaw/.cache/mongodb-atlas/token.json to avoid repeated token requests; it does not persist client secrets. Writing a token cache to the user's home directory is reasonable for an API client, but it means authentication state persists on disk and should be considered by the user.