Pipedrive mcp

Pass. Audited by VirusTotal on May 5, 2026.

Overview

Type: OpenClaw Skill
Name: maverick-pipedrive-mcp
Version: 1.0.0

The skill provides a legitimate integration for Pipedrive CRM via the Model Context Protocol (MCP). The included scripts (init-mcporter.sh and invoke.sh) are well-structured utilities designed to seed OAuth tokens into the mcporter vault and handle command execution. The implementation follows security best practices, such as using file locking (flock) for concurrency and passing sensitive tokens to jq via environment variables to avoid exposure in process logs. All data traffic is directed to the official Pipedrive MCP endpoint (mcp.pipedrive.com).

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A mistaken or over-broad write call could change or delete deals, contacts, activities, or pipeline data in the connected Pipedrive account.

Why it was flagged

The skill is intended to perform Pipedrive write operations that can affect business CRM data; the artifact also instructs confirming clear user intent before such writes.

Skill content

Write operations that create records, update properties, change deal stages, mark activities done, create notes, or delete data modify Pipedrive CRM state visible to the connected account.

Recommendation

Use read/search tools first, verify record IDs and values, and only allow write or delete actions when the user has explicitly requested them.

What this means

Processes or users that can read the local mcporter vault may be able to use the connected Pipedrive authorization.

Why it was flagged

The script seeds access and refresh tokens into a local mcporter OAuth vault so the skill can act as the connected Pipedrive account.

Skill content

mcp_vault="${HOME}/.mcporter/credentials.json" ... tokens: {access_token: env.mcp_access, refresh_token: env.mcp_refresh, token_type: "Bearer"}

Recommendation

Protect the required environment variables and the ~/.mcporter credentials file, use the least-privileged Pipedrive account/scopes available, and revoke the OAuth grant if exposure is suspected.

What this means

A changed or compromised future mcporter release could affect how the skill connects to Pipedrive or handles credentials.

Why it was flagged

The runtime CLI is installed from npm without a fixed version; this is disclosed and purpose-aligned, but future package changes would affect the code handling OAuth-backed MCP calls.

Skill content

The install spec uses unpinned `mcporter` (npm `latest`); operators with strict supply-chain controls should override the install to pin a specific version.

Recommendation

Pin mcporter to a reviewed version in controlled environments and keep dependency updates under normal supply-chain review.

What this means

Pipedrive will receive the CRM data and parameters referenced in tool calls, and unrelated sensitive content could be exposed if passed through the tools.

Why it was flagged

The external MCP data flow is disclosed and points to Pipedrive's hosted service, but users should understand what information is sent during tool calls.

Skill content

Tool calls travel to Pipedrive's hosted MCP service at `https://mcp.pipedrive.com/mcp` over HTTPS, authenticated via OAuth. Pipedrive sees the deal, person, organization, activity, pipeline, and sales-workflow data referenced by each call.

Recommendation

Use the skill only for Pipedrive-related tasks and avoid sending unrelated secrets or private content through Pipedrive MCP calls.