Aiqbee
ReviewAudited by ClawScan on May 10, 2026.
Overview
Aiqbee appears to be a coherent MCP integration, but it can change or delete knowledge-graph data through your logged-in Aiqbee account without documented confirmation or scoping safeguards.
Review this skill before installing. It appears to do what it claims, but signing in gives the agent access to your Aiqbee knowledge graph, including tools that can update and delete neurons and relationships. Use a limited account or workspace where possible, require explicit approval for destructive changes, and verify the Aiqbee MCP/OAuth destination before signing in.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A mistaken or overly broad agent action could modify or remove architecture, portfolio, or strategy records in the user's Aiqbee brain.
These MCP tools can mutate or delete knowledge-graph records and links. The provided instructions do not include confirmation, rollback, workspace limits, or other safeguards for destructive writes.
`aiqbee_update_neuron` | Update an existing neuron | ... `aiqbee_delete_neuron` | Delete a neuron | ... `aiqbee_delete_relationship` | Remove a relationship |
Use this only with an account/workspace you are comfortable granting write access to, require explicit user approval before update/delete operations, and keep backups or recovery options for important knowledge-graph data.
The agent may be able to access and act on Aiqbee data available to the signed-in account, including shared workspace data if that account has access.
OAuth account access is expected for this integration, but it delegates access to the user's Aiqbee account and the SKILL.md does not list specific scopes or permission boundaries.
Aiqbee uses OAuth 2.0. On first connection, your browser will open for sign-in. No API keys or environment variables needed — just sign in with your existing Aiqbee account.
Sign in only with the intended Aiqbee account, review any OAuth permission prompts carefully, prefer least-privilege workspace access, and revoke the authorization when no longer needed.
Queries and returned knowledge-graph content may pass through the Aiqbee MCP service and into the agent's working context.
The skill routes MCP requests to a remote Aiqbee endpoint and can retrieve full knowledge-graph content. This is purpose-aligned, but it is a sensitive data boundary users should understand.
"transport": "streamable-http", "url": "https://mcp.aiqbee.com/mcp" ... `aiqbee_search` | Search neurons in your knowledge graph | ... `aiqbee_fetch` | Get full neuron content and metadata |
Avoid using the integration for data you do not want processed through Aiqbee MCP, and review Aiqbee's data handling and workspace-sharing settings.
Users cannot verify the remote MCP server's implementation from this package alone.
The registry source is not identified, and the skill is instruction-only, so the actual MCP tool implementation is not present in the reviewed artifacts. This is not suspicious by itself, but it means users must trust the remote Aiqbee service.
Source: unknown
Install only if you trust the Aiqbee domain and publisher; verify the homepage, documentation, and OAuth destination before signing in.