Api Gateway 1.0.31
Warn
Audited by ClawScan on May 18, 2026.
Overview
This appears to be a legitimate API gateway skill, but it can give an agent broad power to read and change data in connected third-party apps, so it needs careful review before use.
Install only if you trust Maton and want your agent to call APIs in connected services. Use least-privilege OAuth scopes, specify the intended connection for sensitive tasks, review old connections, and require confirmation before posting, deleting, sending emails, changing financial data, or modifying business records.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If an agent uses this skill carelessly, it could post messages, change records, delete data, send emails, or perform other actions in connected business apps.
The skill exposes raw third-party API endpoints and demonstrates a write action. That is purpose-aligned for an API gateway, but it is high-impact and not bounded by documented confirmation or safety checks.
Passthrough proxy for direct access to third-party APIs using managed OAuth connections... The API gateway lets you call native API endpoints directly. ... req = urllib.request.Request('https://gateway.maton.ai/slack/api/chat.postMessage', data=data, method='POST')
Use this only for clearly requested tasks, require explicit confirmation before write/delete/send/financial actions, and prefer narrow service-specific connections or least-privilege OAuth scopes where possible.
The agent may act with the permissions of connected Slack, Google, Stripe, CRM, finance, or other accounts, and could use the wrong connection if multiple accounts exist.
The Maton API key plus OAuth connections delegate account authority to the gateway, and the default-connection behavior can select an account implicitly if the caller does not specify one.
All requests require the Maton API key in the Authorization header... The API gateway automatically injects the appropriate OAuth token for the target service. ... If omitted, the gateway uses the default (oldest) active connection for that app.
Only authorize accounts you intend to use, specify the Maton-Connection header for sensitive actions, regularly review/delete old connections, and avoid broad OAuth scopes when narrower scopes are available.
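The two findings above come down to one rule for any agent that calls the gateway: a read may fall back to the default (oldest) connection, but a write must name its connection with the Maton-Connection header and must be confirmed before it is sent. The following is an added example of a local guard that enforces that rule; it is not code from the skill or from Maton. It assumes the API key is sent as a Bearer token (the page only says the key goes in the Authorization header) and that Maton-Connection carries the connection id unchanged; it builds the urllib request the skill's own snippet uses but never sends it.

```python
"""Guarded client for the Maton gateway (added example, not Maton's own code).

Assumptions not taken from the skill's documentation:
  - the API key is sent as "Authorization: Bearer <key>"; the page only says
    the key belongs in the Authorization header;
  - the Maton-Connection header value is the raw connection id.
No network call is made here; the function only builds the request object.
"""
import json
import urllib.request

GATEWAY = "https://gateway.maton.ai"
# HTTP methods treated as writes. Some APIs tunnel writes over GET; extend
# this with path-based rules for such services.
WRITE_METHODS = {"POST", "PUT", "PATCH", "DELETE"}


class GatewayPolicyError(Exception):
    """The request was blocked by local policy before anything left the host."""


def build_request(app, api_path, api_key, method="GET", body=None,
                  connection=None, confirm=None):
    """Return a urllib Request for GATEWAY/{app}/{api_path}, or raise.

    Policy, following the audit's recommendations:
      * reads (GET) may fall back to the gateway's default (oldest) connection;
      * writes must name a connection explicitly via Maton-Connection, so the
        gateway never picks an account implicitly for a mutating call;
      * writes must be approved by confirm(method, app, api_path, body),
        a callable that returns True only after the user has agreed.
    """
    method = method.upper()
    headers = {"Authorization": f"Bearer {api_key}"}  # assumption: Bearer scheme
    if connection is not None:
        headers["Maton-Connection"] = connection

    if method in WRITE_METHODS:
        if connection is None:
            raise GatewayPolicyError(
                f"{method} {app}/{api_path}: refusing to write through the "
                "default connection; set Maton-Connection explicitly")
        if confirm is None or not confirm(method, app, api_path, body):
            raise GatewayPolicyError(
                f"{method} {app}/{api_path}: write not confirmed by the user")

    data = None
    if body is not None:
        data = json.dumps(body).encode("utf-8")
        headers["Content-Type"] = "application/json"

    # urllib normalises header names with str.capitalize(), so the stored key
    # becomes "Maton-connection"; compare header names case-insensitively.
    return urllib.request.Request(f"{GATEWAY}/{app}/{api_path.lstrip('/')}",
                                  data=data, headers=headers, method=method)


def headers_of(req):
    """Lower-cased header dict of a built request, for inspection and tests."""
    return {k.lower(): v for k, v in req.header_items()}


if __name__ == "__main__":
    approve = lambda method, app, path, body: True  # stand-in for a real prompt
    # Read through the default connection: allowed.
    r = build_request("slack", "api/conversations.list", "MATON_KEY")
    print(r.get_method(), r.full_url)
    # Write with an explicit connection and confirmation: allowed.
    r = build_request("slack", "api/chat.postMessage", "MATON_KEY", method="POST",
                      body={"channel": "C123", "text": "hi"},
                      connection="conn_123", confirm=approve)
    print(r.get_method(), r.full_url, headers_of(r)["maton-connection"])
    # Write without naming a connection: blocked before any request is sent.
    try:
        build_request("slack", "api/chat.postMessage", "MATON_KEY", method="POST",
                      body={"channel": "C123", "text": "hi"}, confirm=approve)
    except GatewayPolicyError as e:
        print("blocked:", e)
```

In an agent integration, confirm would be the step that shows the user the concrete method, app, path and body and waits for approval; passing a constant True defeats the point. The connection id is whatever the ctrl.maton.ai connection listing returns for the account you intend to act as; the guard only insists that it be chosen explicitly.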
Sensitive data from connected services may be sent through Maton's infrastructure as part of normal operation.
Requests, payloads, and API responses are routed through Maton's gateway/control-plane services. This is disclosed and central to the skill, but it means external provider data may pass through Maton.
Base URL: https://gateway.maton.ai/{app}/{native-api-path} ... Connection management uses a separate base URL: https://ctrl.maton.ai
Review Maton's privacy, retention, and security practices before using the gateway with email, finance, customer, HR, or other sensitive systems.
Users may have less certainty that the listed registry package and the embedded metadata refer to the same publisher/version.
The included _meta.json metadata does not match the supplied registry metadata, which lists a different owner ID, slug, and version. Because the skill installs no code, this is not by itself malicious, but it matters because the skill asks for API/OAuth authority.
"ownerId": "kn75240wq8bnv2qm2xgry748jd80b9r0", "slug": "api-gateway", "version": "1.0.31"
Verify the publisher and homepage directly before adding MATON_API_KEY or authorizing third-party OAuth connections.
