Dx Data Navigator
Review
Audited by ClawScan on May 10, 2026.
Overview
This appears to be a legitimate DX analytics helper, but it gives the agent broad SQL access to sensitive employee and productivity data without clear privacy or read-only guardrails.
Before installing or enabling this skill, confirm that the DX MCP database account is read-only and least-privileged, and decide whether the agent is allowed to retrieve person-level employee, survey, AI adoption, and productivity data. Prefer aggregate reports by default and require explicit approval for queries that return names, emails, protected users, or individual survey responses.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An agent could run broad database queries and reveal more organizational or employee data than the user intended; if the MCP server allows non-read-only SQL, the impact could be greater.
The skill exposes a raw SQL workflow and encourages database schema discovery. While the examples are SELECT-based and purpose-aligned, the artifacts do not state read-only enforcement, query limits, approval requirements, or restrictions against overly broad individual-level queries.
Query the DX Data Cloud PostgreSQL database using the `mcp__dx-mcp-server__queryData` tool.
`mcp__dx-mcp-server__queryData(sql: "SELECT ...")`
Always query `information_schema.columns` first if uncertain about table/column names
Use a read-only, least-privileged database role; enforce SELECT-only queries, row limits, and schema/table allowlists; require user confirmation for broad or individual-level reports.
The agent will be able to query whatever the configured DX MCP server account can access.
The skill relies on delegated access through an MCP database tool. No credentials are embedded in the artifacts, but the database role and access scope are not described.
Query the DX Data Cloud PostgreSQL database using the `mcp__dx-mcp-server__queryData` tool.
Confirm the MCP server uses a least-privileged, read-only account appropriate for the users who can invoke this skill.
Employee names, emails, GitHub usernames, team membership, and protected-user information could be pulled into the conversation or shared in outputs.
The reference material documents and demonstrates queries that retrieve identifiable employee data, including a protected-user indicator, but does not provide guidance to exclude protected users, aggregate results, or redact identifiers.
`dx_users` ... `name` ... `email` ... `github_username` ... `protected | boolean | Protected user flag`
`SELECT u.name, u.email, u.github_username, t.name as team`
Default to aggregated results, redact personal identifiers unless explicitly needed, respect protected-user flags, and require authorization for person-level reporting.
Individual survey answers or sentiment data could be exposed or summarized in a way that identifies employees.
The documented survey response tables can link individual users to answer values. The skill is intended for survey and sentiment analysis but does not include anonymization or minimum-cohort guidance.
`dx_platform_responses` ... `user_id | FK to dx_users`
`dx_platform_response_answers` ... `value | Answer value`
Apply privacy controls for survey data, such as minimum group sizes, anonymization, and explicit approval before querying or reporting individual responses.
If a user follows the install command, they depend on the referenced package/repository being trustworthy at install time.
The install documentation points to a package-manager command and external repository path. This is user-directed setup, not automatic execution, but provenance and version pinning are not shown in the reviewed artifacts.
npx skills add pskoett/pskoett-ai-skills/dx-data-navigator
Install only from trusted sources, pin reviewed versions where possible, and verify the repository/package before running npx-based setup commands.
