Uplo Data Analytics
ReviewAudited by ClawScan on May 10, 2026.
Overview
This skill is a disclosed UPLO knowledge-base integration for data analytics, but users should notice that it uses an external MCP package, an API key, and can access broad organizational context.
Before installing, make sure the UPLO MCP package and endpoint are trusted, use a least-privilege API key, and verify that your UPLO classification tiers prevent the agent from retrieving restricted data it should not use or share.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing the skill depends on code fetched from an external package source, so package provenance and future package changes matter.
The skill launches an external npm MCP server package, and the artifacts do not pin a version or include the package source for review.
"command": "npx", "args": ["-y", "@agentdocs1/mcp-server", "--http"]
Use only a trusted UPLO MCP package source, prefer pinned versions where possible, and review the MCP server package before using it with sensitive organizational data.
The connected agent may be able to read or act within the UPLO data analytics knowledge base according to the permissions of the supplied token.
The skill requires a secret UPLO token to access the user's organizational knowledge base.
"api_key": { "type": "string", "required": true, "secret": true, "description": "Your UPLO MCP token" }Use a least-privilege UPLO token, verify which workspaces or classification tiers it can access, and rotate it if it is no longer needed.
The agent may retrieve large amounts of internal analytics knowledge, including governance or restricted-context information, and use it in answers.
The tool list includes a broad organizational context export capability, meaning retrieved UPLO context can be extensive and potentially sensitive.
`export_org_context` | Full organizational context snapshot
Confirm UPLO classification controls are configured correctly, avoid exporting broad context unless needed, and review outputs before sharing them outside the organization.
For analytics-related questions, the agent may consult UPLO before answering, which is useful but means UPLO content can steer the response.
The skill adds an instruction that prioritizes UPLO as the first source for relevant analytics questions.
When users ask about data sources, metric definitions, or reporting methodologies, always query UPLO first
Treat UPLO as an authoritative source only if your organization maintains it carefully, and ask the agent to cite retrieved sources when decisions matter.