powerdrill-data-analysis
v1.0.0This skill should be used when the user wants to analyze, explore, visualize, or query data using Powerdrill. Covers listing, creating, and deleting datasets; uploading local files as data sources; creating analysis sessions; running natural-language data analysis queries; and retrieving charts, tables, and insights. Triggers on requests like "analyze my data", "query my dataset", "upload this file for analysis", "list my datasets", "create a dataset", "visualize sales trends", "continue my previous analysis", "delete this dataset", or any data exploration task mentioning Powerdrill.
⭐ 0· 1.2k·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidencePurpose & Capability
The SKILL.md and included Python client clearly require two environment variables (POWERDRILL_USER_ID and POWERDRILL_PROJECT_API_KEY) and call the Powerdrill API; however the registry metadata lists no required env vars or primary credential. That mismatch (metadata claims none, runtime requires credentials) is inconsistent. Aside from that, requested capabilities (dataset/session/job management and file upload) align with the stated purpose.
Instruction Scope
The runtime instructions and client code direct the agent to upload arbitrary local files (upload_local_file / upload_and_create_data_source) and to read file paths provided by the user. This is necessary for data-analysis functionality but also means the skill can read and transmit arbitrary local files to https://ai.data.cloud/api. The SKILL.md instructs inserting an absolute scripts path (sys.path manipulation). The instructions otherwise only reference the two Powerdrill env vars and the Powerdrill API; they do not request unrelated system secrets, but the file-upload capability is a sensitive operation.
Install Mechanism
There is no install spec (instruction-only skill) and the package contains a Python client file. No remote downloads or installer scripts are used. This is lower risk than a skill that downloads/extracts remote binaries.
Credentials
The only runtime secrets used are the two Powerdrill env vars, which are proportionate to the described API usage. However the skill registry metadata does not declare these required environment variables (declared: none), producing an inconsistency that could lead users to miss that they'd need to provide API credentials. The skill does not request unrelated credentials, but the un-declared required env vars should be fixed/declared.
Persistence & Privilege
The skill does not request permanent/always-on presence (always:false) and does not modify other skills. Autonomous model invocation is enabled by default (normal for skills). Be aware that, combined with the ability to read/upload local files, autonomous invocation increases the risk of unintended data exfiltration if the agent is granted file-system access or is allowed to call the skill without strict controls.
What to consider before installing
Before installing: 1) Note the registry metadata omits required env vars — you must set POWERDRILL_USER_ID and POWERDRILL_PROJECT_API_KEY for the skill to work. 2) The skill can read and upload arbitrary local files to https://ai.data.cloud/api; avoid pointing it at sensitive system files or secrets and only upload data you control. 3) Verify the API endpoint and documentation (confirm ai.data.cloud/api is the correct Powerdrill endpoint for your account) and limit the API key scope/permissions where possible. 4) Because the source/homepage is unknown, prefer installing only if you trust the publisher; consider testing in an isolated environment with a throwaway API key and dataset, and do not enable broad autonomous access for agents that have filesystem access unless you explicitly allow the specific file operations you want.Like a lobster shell, security has layers — review code before you run it.
latestvk97148n0yvkk51fwt4cjd4pgqs80qnw0
License
MIT-0
Free to use, modify, and redistribute. No attribution required.