ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Pipeworx census-trade

v1.0.0

Access detailed US international trade data including imports, exports, trade balance, and trends by commodity and country.

0· 59·0 current·0 all-time
byBruce Gutman@brucegutman

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for brucegutman/pipeworx-census-trade.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Pipeworx census-trade" (brucegutman/pipeworx-census-trade) from ClawHub.
Skill page: https://clawhub.ai/brucegutman/pipeworx-census-trade
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install pipeworx-census-trade

ClawHub CLI

Package manager switcher

npx clawhub@latest install pipeworx-census-trade
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name and description (US international trade data) align with the SKILL.md which exposes functions for imports, exports, trade balance and trends. However, the skill delegates calls to a third‑party MCP server (https://gateway.pipeworx.io/census-trade/mcp) rather than an official Census endpoint (e.g., api.census.gov). That third‑party endpoint is plausible for aggregating data, but its provenance and trustworthiness are not documented in the package metadata (source/homepage unknown).
Instruction Scope
The SKILL.md contains only short RPC-like function descriptions and a JSON block listing the MCP server URL. It does not instruct reading local files or environment variables. However, the instructions are minimal and lack details (authentication, rate limits, what data is sent). The agent will call an external service; unless the platform sanitizes outgoing payloads, conversational context and any user-provided sensitive data may be transmitted to that external endpoint.
Install Mechanism
Instruction-only skill with no install spec and no code files. This is the lowest-risk install pattern because nothing is written to disk by the skill itself.
Credentials
No environment variables, credentials, or config paths are requested. The lack of required secrets is proportionate to the stated purpose. That said, absence of declared auth does not prove the remote service won't require or request credentials at runtime.
Persistence & Privilege
The skill is not always-enabled and allows normal model invocation. It does not request elevated platform persistence. No instructions indicate modifying other skills or system-wide settings.
What to consider before installing
This skill appears to do what it says (fetch US trade data) but delegates queries to an undocumented third‑party endpoint (gateway.pipeworx.io). Before installing or using it, verify the endpoint's owner and privacy/security practices (ask for a homepage or source code). Test with only non‑sensitive queries to see what data is transmitted. Prefer skills that use official government APIs or that provide clear documentation on who operates the gateway and how data is handled. If you must use this skill for sensitive work, request transparency from the publisher or avoid using it until provenance is confirmed.

Like a lobster shell, security has layers — review code before you run it.

latestvk9704m371fc2tth1dnbwjcexs585chmr
59downloads
0stars
1versions
Updated 5d ago
v1.0.0
MIT-0
Bruce Gutman@brucegutman
latest
Download

Census Trade

Census Trade MCP — US Census Bureau International Trade data

census_imports

Search US import data by HS commodity code (e.g., "8471" for computers) and/or country (e.g., "China

census_exports

Search US export data by HS commodity code (e.g., "8471" for computers) and/or country (e.g., "Mexic

census_trade_balance

Check US trade balance with a specific country for a given year. Returns net trade value and breakdo

census_trade_trends

Get monthly US trade trends for a commodity and/or country over time. Returns month-by-month values

{
  "mcpServers": {
    "census-trade": {
      "url": "https://gateway.pipeworx.io/census-trade/mcp"
    }
  }
}

Comments

Loading comments...