Request Approval
Pass
Audited by ClawScan on May 10, 2026.
Overview
This is a safety-oriented approval skill, with some expected setup and data-sharing considerations for Preloop MCP use.
This skill appears benign and aligned with adding human approval before risky actions. Before installing, verify the Preloop MCP setup you use, secure any API token, and make sure approval requests do not include passwords, API keys, or unnecessary sensitive production details.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If followed as written, the user may run an external MCP package whose version and provenance are not pinned in the skill artifacts.
The setup example can download and run an unpinned npm MCP package, and the package name is not clearly Preloop-specific. This is user-directed setup rather than hidden execution, but it is worth verifying before use.
"command": "npx", "args": ["-y", "@modelcontextprotocol/server-everything"]
Prefer the documented direct Preloop MCP URL configuration when possible, or verify and pin any npm MCP package before adding it to an agent configuration.
A Preloop token stored in agent configuration could be used by the agent or anyone with access to that configuration to interact with the Preloop service.
The documentation shows optional Preloop API-token authentication. This is expected for the integration, but it grants the agent access to the configured Preloop MCP service.
"headers": { "Authorization": "Bearer YOUR_API_TOKEN" }
Use a dedicated, least-privilege Preloop token, store it securely, rotate it if exposed, and confirm the approval policy limits who can approve requests.
Details included in approval requests may be visible to Preloop and configured approvers or notification channels.
Approval requests are sent through an external MCP service and notification channels. This is central to the skill's purpose, but the request content may describe local files, production systems, or other sensitive operational context.
Preloop will notify the user (via Slack, email, mobile apps, etc.) and wait for their response.
Avoid including secrets in approval context, review which notification channels and approvers are configured, and use self-hosting or internal channels if approval details are sensitive.
