Skill v0.1.0

ClawScan security

Baserow · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 5, 2026, 10:46 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
This is an instruction-only wrapper for the Baserow CLI and its declared requirements (baserow binary, BASEROW_TOKEN, BASEROW_URL) are consistent with the stated purpose.
Guidance
This skill appears to do what it says: it drives the Baserow CLI and needs your Baserow API token and base URL. Before installing or using it: (1) ensure the 'baserow' CLI you install comes from a trusted source (official project or PyPI) and verify package integrity; (2) limit the BASEROW_TOKEN to the minimum permissions needed and avoid sharing broader credentials; (3) be cautious with destructive commands (delete / batch-delete) — SKILL.md notes non-TTY contexts may accept '--yes', so always confirm intended deletes before running and avoid giving the agent blanket permission to pass --yes; (4) be aware the skill references a config file (~/.config/baserow-cli/config.toml) which may contain tokens or defaults — review its contents and placement; and (5) if you want tighter safety, run the CLI in an environment with limited network access or use a scoped token.

Review Dimensions

Purpose & Capability
ok: Name/description match the runtime instructions. Requiring the baserow CLI binary plus BASEROW_TOKEN and BASEROW_URL is appropriate for a Baserow CLI integration.
Instruction Scope
ok: SKILL.md only tells the agent to run the baserow CLI, use the config at ~/.config/baserow-cli/config.toml, and supply service-specific env vars or flags. It does not instruct reading unrelated files or exfiltrating data. Note: the manifest lists no required config paths while the SKILL.md documents a config file location (~/.config/baserow-cli/config.toml); this is an informational mismatch but not a functional concern.
Install Mechanism
note: No install spec is embedded (instruction-only). The doc suggests installing via 'uv tool install baserow-cli' or 'pip install baserow-cli' — standard but outside the skill's control. If you plan to install, prefer official releases (PyPI or the project's site) and verify package authenticity.
Credentials
ok: Requested env vars (BASEROW_TOKEN, BASEROW_URL) are service-specific and proportional. No unrelated credentials or broad secrets are requested.
Persistence & Privilege
ok: always:false and no special persistence or cross-skill config modifications are requested. The skill does note that destructive commands require '--yes' in non-TTY (agent) contexts — this affects how an agent might run destructive operations and is a normal capability for a CLI wrapper.