MongoDB Atlas

browse MongoDB Atlas Admin API specifications and execute operations (if credentials provided).

This skill is coherent with its description: it bundles the Atlas OpenAPI spec and provides Node scripts to browse the spec and (if you provide ATLAS_CLIENT_ID and ATLAS_CLIENT_SECRET) make live API calls. Before installing or using it, consider: - The tool will perform network calls to your Atlas endpoint and will exchange your service-account credentials for an access token (expected for this purpose). The client secret is used only for the token request and is not stored by the skill. - A token cache (access_token and expiry) is written to ~/.openclaw/.cache/mongodb-atlas/token.json; if you share the machine, remove that file when finished or run clearCachedToken if needed. - State-changing HTTP methods (POST/PUT/PATCH/DELETE) require explicit approval in the script and SKILL.md recommends always using --dry-run first. Do not run with --yes in automation unless you intentionally want destructive actions. If you trust the source and will only use it as a read-only spec browser, you can omit setting the Atlas credentials. If you plan to run live calls, provide service-account credentials with least privilege (a service account scoped only to the projects/operations you intend to use).

Type: OpenClaw Skill Name: mongodb-atlas-admin Version: 1.0.0 The skill bundle is classified as suspicious primarily due to the `scripts/atlas-call.mjs` script's `--file <path>` option. This option allows reading the content of any local file and attempting to parse it as JSON for use as a request body. While this is a plausible feature for an API client, it introduces a vulnerability where a prompt-injected AI agent could be instructed to read sensitive local files (e.g., `~/.ssh/id_rsa` if it's valid JSON, or its content could be exposed if the agent is instructed to print errors/content). However, the `SKILL.md` and `atlas-call.mjs` also implement strong safety protocols, explicitly instructing the AI agent to use `--dry-run` and seek user confirmation for any state-changing API operations, which is a positive security measure against prompt injection and accidental malicious actions.