Skill v1.0.0

ClawScan security

Dx Data Navigator · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 5, 2026, 4:05 PM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill's instructions, required artifacts, and scope are consistent with its stated purpose (querying Developer Experience data from the MCP PostgreSQL database) and do not request unrelated credentials or installs, though it can expose sensitive user-level fields via queries.
Guidance
This skill appears to be what it says: a library of SQL examples and usage guidance for querying the DX MCP PostgreSQL database via the platform's mcp__dx-mcp-server__queryData tool. Before installing or using it, confirm: (1) you trust the mcp tool and that the agent's database credentials/permissions are appropriately scoped, because the queries can return PII (emails, usernames, adoption dates); (2) you or your org are comfortable with the agent running arbitrary SQL queries (review or limit queries to safe read-only views if necessary); (3) do not run the example 'npx skills add ...' command from SKILL.md unless you trust the external GitHub package, since that would fetch and run third-party code outside the registry. If you need tighter controls, restrict the agent's DB permissions or require human approval before executing queries that surface personal data.

Review Dimensions

Purpose & Capability
Status: ok
The name/description (DX data querying) matches the SKILL.md: it exclusively documents SQL queries and how to call the mcp__dx-mcp-server__queryData tool. There are no unrelated binaries, services, or credentials requested.
Instruction Scope
Status: note
Instructions are narrowly focused on exploring the DX MCP PostgreSQL schema and running queries (including recommended patterns like querying information_schema.columns). However, the provided example queries access user-identifying columns (email, github_username, adoption dates) and other sensitive analytics — this is expected for DX analysis but is a privacy risk to be aware of.
Install Mechanism
Status: ok
The skill is instruction-only and contains no install spec or code files to be executed by the platform. SKILL.md includes an example 'npx skills add ...' command (fetches a GitHub package), but that is an external, optional installation step and not part of the registry install spec; the registry metadata shows no automated install. No downloads or extract steps are specified.
Credentials
Status: ok
The skill declares no environment variables, credentials, or config paths. That is proportionate: the skill relies on an existing mcp query tool rather than embedding credentials. Note: the SQL examples will return PII (emails, usernames) if run against a DB with that data — requiring appropriate data access controls.
Persistence & Privilege
Status: ok
The skill does not request always:true or any elevated persistent privileges. It is user-invocable and allows autonomous invocation (platform default), which is normal for skills. It does not modify other skills or system-wide settings.