Skillv1.0.1

ClawScan security

Airtable w/Python · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

BenignMar 12, 2026, 8:36 PM

Verdict: Benign
Confidence: high
Model: gpt-5-mini
Summary: The skill's requirements and behavior match its Airtable management purpose; included scripts perform local file reads and can import/execute a local module (documented), so use with trusted inputs and scoped tokens.
Guidance: This skill appears to do what it says: manage Airtable via pydantic-airtable. Before installing or running scripts: 1) use a least-privilege (scoped) Airtable token and consider a test base; 2) run inside a virtualenv or container to isolate dependencies; 3) never pass untrusted Python modules to --module (model_ops.py will import and execute them); 4) inspect any @file.json files before using them since scripts will read local files; and 5) verify the pydantic-airtable package version from PyPI if you want extra assurance.

Purpose & Capability: okName and description (Airtable management via pydantic-airtable) align with required binaries (python3), required env vars (AIRTABLE_ACCESS_TOKEN, AIRTABLE_BASE_ID), and bundled scripts that call Airtable manager/client APIs.
Instruction Scope: noteRuntime instructions and scripts stay within the Airtable domain, but the scripts accept @file.json (reads local files) and model_ops.py will import and execute an arbitrary local Python module. Those capabilities are documented in SKILL.md and are necessary for model-driven workflows, but they grant the skill the ability to run user-supplied code and read local files — exercise caution and only provide trusted inputs.
Install Mechanism: okThe skill recommends installing the pydantic-airtable package via pip (normal for Python-based integration). No downloads from untrusted URLs or archive extraction are present.
Credentials: okOnly AIRTABLE_ACCESS_TOKEN and AIRTABLE_BASE_ID are required, which are the exact credentials needed for Airtable operations. The SKILL.md also advises using scoped tokens and test bases.
Persistence & Privilege: okalways is false and the skill does not request persistent/force-installed privileges or attempt to modify other skills or system-wide settings.