Byted Bytehouse Data Asset Analyzer
Review
Audited by ClawScan on May 10, 2026.
Overview
The skill appears to do the advertised ByteHouse schema analysis, but it runs a mutable remote MCP server and forwards environment-based credentials, so it should be reviewed before use.
Use this only if you trust the referenced MCP server source and can tolerate broad schema metadata being written locally. Prefer a pinned dependency, a read-only ByteHouse account, and a restricted environment containing only the needed ByteHouse variables before running it.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The code that handles the database connection could change upstream without the user noticing, and that code runs in the skill workflow.
The skill launches an MCP server by fetching code from a GitHub repository at the mutable main branch during runtime. This is not pinned to a version or commit and is not reflected in the install specification.
command='/root/.local/bin/uvx', args=['--from', 'git+https://github.com/volcengine/mcp-server@main#subdirectory=server/mcp_server_bytehouse', 'mcp_bytehouse', '-t', 'stdio']
Pin the MCP server dependency to a reviewed version or commit, declare it in the install/metadata, and let users review or approve the dependency before running it.
Credentials or other secrets present in the agent environment may be available to the MCP process, beyond the database settings needed for the analysis.
The spawned MCP process receives the entire environment, not only the ByteHouse variables needed for this task. Since the documentation tells users to set BYTEHOUSE_PASSWORD and other credentials, unrelated environment secrets could also be exposed to the child process.
env = os.environ.copy() ... StdioServerParameters(... env=env)
Pass only the required ByteHouse environment variables to the MCP server, and use a read-only, least-privilege ByteHouse account for schema analysis.
The generated files may reveal table names, column names, comments, and data-model relationships if shared or retained unintentionally.
The skill intentionally persists full database schema, catalog, and lineage reports to local JSON files.
Output files (saved in the `output/` directory): `schema_{database}_{timestamp}.json` - full database schema ... `catalog_{database}_{timestamp}.json` ... `lineage_{database}_{timestamp}.json`
Store the output directory securely, avoid sharing the reports broadly, and delete them when they are no longer needed.
