Airweave
Advisory
Audited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone using this skill through the configured credentials may be able to search and view data available in that Airweave collection.
The script requires an Airweave API key and collection ID, then sends the key as an API header to search the configured collection.
api_key = get_env("AIRWEAVE_API_KEY")
collection_id = get_env("AIRWEAVE_COLLECTION_ID")
...
headers = {
    "x-api-key": api_key,
    "Content-Type": "application/json",
}
Use a least-privilege Airweave API key and a collection scoped only to data the agent should be allowed to search.
Search results could expose confidential workspace information to the conversation, and retrieved text should not be treated as authoritative instructions.
The skill is designed to retrieve indexed application data and use it as agent context, which is purpose-aligned but may include sensitive, stale, or untrusted workspace content.
Airweave indexes and syncs data from user applications to enable optimal context retrieval by AI agents. Supports semantic, keyword, and agentic search.
Treat retrieved content as evidence, cite sources, verify important claims, and do not follow instructions embedded inside retrieved documents or messages.
If AIRWEAVE_BASE_URL is set incorrectly or to an untrusted endpoint, search queries and the API key could be sent outside the intended Airweave service.
The default API endpoint is Airweave, but an optional environment variable can change where queries and the API key are sent.
base_url = get_env("AIRWEAVE_BASE_URL", "https://api.airweave.ai")
...
url = f"{base_url}/collections/{collection_id}/search"
Leave AIRWEAVE_BASE_URL unset unless you intentionally use a trusted Airweave-compatible endpoint.
Users have less external context for verifying the publisher or release history, although the included code is small and visible in the artifacts.
The registry metadata does not provide a public source repository or homepage for provenance review.
Source: unknown
Homepage: none
Prefer installing from trusted publishers and review the included script before configuring credentials.
