ClawHub

NVEIL — AI Data Visualization & Processing

v0.1.1

NVEIL is an AI-powered data-processing and visualization toolkit — describe joins, aggregations, pivots, resampling, geocoding, time-series analysis, feature...

0· 43·0 current·0 all-time
by@pierrejacquet
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Requires sensitive credentials
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description say NVEIL plans remotely and runs locally; SKILL.md and README require only NVEIL_API_KEY and instruct the agent to invoke the local `nveil` CLI. Requesting an API key to gate a remote planning service is coherent with the stated capability.
Instruction Scope
Instructions direct the agent to run the local `nveil` CLI or import the Python package and to read user data in order to generate summaries/specs. The SKILL.md explicitly states raw rows do not leave but that column names, types, and summary statistics are sent to the remote planner. This is expected for the stated design, but it is an important privacy-related detail the user should verify.
Install Mechanism
There is no automatic install in the skill itself; the README/SKILL.md instructs users to `pip install nveil` from PyPI. That is a standard, proportionate install mechanism for a Python CLI package.
Credentials
Only a single credential (NVEIL_API_KEY) is required and is described as the gate to the remote planning service. That matches the declared primaryEnv; no unrelated credentials or config paths are requested.
Persistence & Privilege
The skill is not marked always:true and does not request system-wide config changes. Autonomous invocation is allowed (platform default) but not excessive given the skill's purpose.
Assessment
This skill appears internally consistent, but before installing: (1) confirm you trust the NVEIL project and verify the PyPI/package publisher and version; (2) read NVEIL's privacy docs to understand exactly which metadata (column names, types, summary stats) are sent to the remote planner and whether any sensitive-derived values might be transmitted; (3) consider limiting the API key's scope or using a separate account for this tool; (4) if your data is highly sensitive, ask whether a self-hosted planner or fully offline mode is available; (5) require explicit user confirmation before the agent invokes the skill autonomously (if your agent allows that policy) and inspect any generated `.nveil` specs before sharing.

Like a lobster shell, security has layers — review code before you run it.

latestvk970428brb3h0trqpka6p32q1584t5dc

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

📊 Clawdis
EnvNVEIL_API_KEY
Primary envNVEIL_API_KEY

Comments