Ai Intelligent Data Catalog
PassAudited by ClawScan on May 1, 2026.
Overview
This instruction-only data-catalog skill is coherent and does not request credentials, but its setup points users to clone and run external code that should be verified first.
Before installing, verify the referenced GitHub repository, review requirements.txt and app.py, and run the app in an isolated environment. The supplied skill artifacts themselves do not show credential access, persistence, or malicious behavior.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the referenced repository or its dependencies are compromised or different from what the user expects, installation could introduce unwanted code.
The setup pulls a remote repository and installs dependencies from a requirements file that is not included in the submitted artifacts, so users should verify that external source before installation.
git clone https://github.com/openclaw-skills/ai-intelligent-data-catalog ... pip install -r requirements.txt
Inspect the GitHub repository and requirements file, prefer a trusted commit or release tag, and install in a virtual environment or container.
Running the app will execute local Python code from the cloned repository, which may affect the user's environment depending on that external code.
The documented setup asks the user to run the downloaded Python application. This is expected for deploying a FastAPI-style data catalog, but it executes code outside the artifact set.
python app.py
Run it only after reviewing the downloaded code and dependencies, and avoid granting unnecessary privileges or sensitive credentials.