Pipeworx Analyst

v1.0.0

Access 252 data sources via one gateway to query trade, finance, pharma, housing, and government contracts using natural language questions.

⭐ 0· 76·0 current·0 all-time

byBruce Gutman@brucegutman

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for brucegutman/pipeworx-analyst.

Previewing Install & Setup.

Prompt PreviewInstall & Setup

Install the skill "Pipeworx Analyst" (brucegutman/pipeworx-analyst) from ClawHub.
Skill page: https://clawhub.ai/brucegutman/pipeworx-analyst
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install pipeworx-analyst

ClawHub CLI

Package manager switcher

npx clawhub@latest install pipeworx-analyst

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Suspicious

medium confidence

Purpose & Capability

The SKILL.md consistently points the agent at an external gateway (https://gateway.pipeworx.io/mcp) to access many data sources, which is coherent with the 'one gateway' description. However, several listed backends (e.g., ATTOM, paid/commercial APIs) normally require provider-specific API keys or contracts. The skill declares no credentials, no homepage, and no source — it's unclear whether the gateway holds credentials centrally or expects the user to provide them. The absence of that explanation is a mismatch between claimed capability and the transparency a user would reasonably expect.

Instruction Scope

The runtime instructions tell the agent to call remote functions (ask_pipeworx, discover_tools, remember, recall) against an external URL. There is no guidance or limit on what context or conversation data will be sent to that endpoint. The 'remember' primitive implies persistent storage of findings on the gateway side. Because the skill delegates queries and context to an external service without describing data handling or allowed payloads, it creates a risk of unintentional disclosure of PII, secrets, or sensitive documents.

✓

Install Mechanism

This is instruction-only with no install spec and no code files, so nothing is written to disk by the skill itself. That minimizes local install risk. The primary risk is network: outgoing requests to an external gateway described in SKILL.md.

Credentials

The skill declares no required environment variables or primary credential, yet it claims access to many third-party sources that often require their own API keys. Omitting any mention of authentication, credential scoping, or how secrets (if any) should be provided is suspicious. Additionally, because the instructions do not constrain what gets sent to the gateway, any environment variables or agent context could be exfiltrated if the agent forwards them during a call.

Persistence & Privilege

The skill is not forced always-on (always: false), but autonomous invocation is allowed (the platform default). Combined with the 'remember'/'recall' semantics and an external gateway of unknown ownership, this creates a persistent-data risk: the gateway may retain logs, remembered context, and query history beyond your control. The skill does not document retention, access controls, or deletion procedures.

What to consider before installing

Do not install or use this skill unless you trust the external gateway and have clear answers to: (1) Who operates gateway.pipeworx.io (company/owner/public repo)? (2) How is authentication handled—does the gateway hold API keys centrally or will you need to provide credentials? (3) What data is sent, logged, or persisted by the gateway (including 'remember' entries)? retention and deletion policies? (4) Is traffic encrypted and who can access logs? Ask the publisher for a homepage/source repo, a privacy/security FAQ, and a list of required credentials. Test with non-sensitive queries first. If you cannot get satisfactory answers, avoid sending any sensitive data or secrets to this skill and do not enable autonomous invocation for agents that can call it.

Like a lobster shell, security has layers — review code before you run it.

latestvk972299g9ggxfvrfnjzc203za585ag2v

76downloads

0stars

1versions

Updated 6d ago

v1.0.0

MIT-0

Pipeworx Data Analyst

Connect to 252 data sources and 1008+ tools through one gateway. Ask questions in plain English — Pipeworx picks the right tool, fills the arguments, and returns real data.

Setup

{
  "mcpServers": {
    "pipeworx": {
      "url": "https://gateway.pipeworx.io/mcp"
    }
  }
}

How to use

Ask anything

Call ask_pipeworx with a question. The gateway finds the right API and returns the answer.

"What is the US trade deficit with China?"
"What are the side effects of ozempic?"
"What's the weather in Tokyo?"
"Get Apple's latest 10-K filing"
"Find cybersecurity government contracts"

Find specific tools

Call discover_tools with a description to browse what's available.

Scope to a domain

Add ?task= to the URL for focused sessions with only relevant tools:

gateway.pipeworx.io/mcp?task=housing+market
gateway.pipeworx.io/mcp?task=international+trade
gateway.pipeworx.io/mcp?task=drug+safety+research

Remember context

Use remember and recall to save findings across tool calls.

Compound tools

These combine multiple APIs into one call:

Tool	Description
`trade_bilateral_analysis`	Complete bilateral trade analysis between two countries in one call. Combines Comtrade trade flows (
`trade_country_profile`	Comprehensive trade profile for a country — top 10 import/export partners and top 10 import/export c
`trade_macro_dashboard`	US trade macro indicators dashboard — customs revenue, exchange rates, trade balance, monthly trends
`fintech_company_deep_dive`	Complete company financial analysis in one call — SEC filings (10-K), stock quote, company overview,
`fintech_bank_health_check`	Bank health assessment — FDIC institution lookup, financials, recent industry failures, consumer com
`fintech_market_snapshot`	Financial market conditions dashboard — CFPB complaint trends, FDIC banking industry summary, and op
`pharma_drug_profile`	Complete drug dossier in one call — FDA approvals, drug labels, adverse events, RxNorm properties, d
`pharma_pipeline_scan`	Clinical trial pipeline analysis — by condition (e.g., "lung cancer", "Alzheimer") or by sponsor (e.
`pharma_safety_report`	Drug safety assessment — adverse event reports, top reaction types, recall history, and drug-drug in
`govcon_contractor_profile`	Complete government contractor dossier — SAM.gov entity registration, federal award history (USAspen
`govcon_opportunity_scan`	Government contracting opportunity search — open SAM.gov opportunities, set-aside contracts (8(a), H
`govcon_agency_landscape`	Federal agency contracting landscape — spending overview, recent awards, SBIR program stats, and spe
`housing_market_snapshot`	Get a national housing market snapshot — 30-year mortgage rates, housing starts, Case-Shiller home p
`housing_property_report`	Complete property analysis combining ATTOM data — property details, automated valuation (AVM), sales
`housing_rental_analysis`	Rental market analysis for a property and area — estimated rent (ATTOM), fair market rents (HUD, if
`housing_affordability_check`	Check housing affordability metrics — current mortgage rate (national), median home price (national)
`housing_employment_outlook`	Labor market indicators relevant to housing — total nonfarm employment, construction employment, res
`housing_signal_scan`	Comprehensive housing market signal scan — checks 45+ indicators for reversals, unusual moves, accel

Response metadata

Every response includes _meta with cost breakdown, cache status, next-step suggestions, and error alternatives.

Comments

Loading comments...