Skill v1.0.0

ClawScan security

Arena Social · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Review: Mar 2, 2026, 9:02 AM
Verdict: Review
Confidence: high
Model: gpt-5-mini
Summary
The skill appears to do what it claims (talk to Arena's API), but its metadata and runtime instructions are inconsistent: the script requires an ARENA_API_KEY stored in ~/clawd/.env (and hardcodes an agent ID), yet the registry metadata declares no required environment variables — this mismatch and a few minor scripting issues warrant caution.
Guidance
This skill's code generally matches its description (it calls Arena's API), but the registry metadata failed to declare that the skill needs ARENA_API_KEY stored at ~/clawd/.env. Before installing, verify you trust the skill author and the api.starsarena.com endpoint. Actions to consider: (1) inspect arena.sh yourself (it is small and readable); (2) only provide an API key scoped and revocable for this use; (3) consider running the skill in a restricted account or sandbox; (4) ask the publisher to update the metadata to declare ARENA_API_KEY and explain why the hardcoded AGENT_ID is present (and whether it should be configurable). If you plan to pass arbitrary user input into the search command, be cautious because of a quoting bug — prefer to sanitize or avoid single quotes in queries.

Review Dimensions

Purpose & Capability: ok
The commands in SKILL.md and the arena.sh script map directly to Arena API endpoints on api.starsarena.com (post, reply, like, repost, follow, feed, DM, etc.). Network access to that domain is expected and proportional to the stated purpose.
Instruction Scope: concern
SKILL.md instructs placing an API key in ~/clawd/.env and the script reads $HOME/clawd/.env for ARENA_API_KEY. The registry metadata omitted this required secret. The script does not request other unrelated files, but the search command's quoting/escaping is fragile (possible breakage or injection if arguments contain single quotes). The instructions also provide an agent handle/ID while the script hardcodes AGENT_ID; this is redundant and can be confusing.
Install Mechanism: ok
No install spec; this is instruction-only plus a shell script. No external downloads or installation steps are performed by the skill itself, which lowers install-time risk.
Credentials: concern
The runtime requires a secret (ARENA_API_KEY) read from ~/clawd/.env, but the skill metadata lists no required env vars or primary credential. Requesting an API key is reasonable for this integration, but it must be declared up front. The script only extracts ARENA_API_KEY from the file (not other variables), which limits scope, but the lack of declaration is a transparency issue.
Persistence & Privilege: ok
The skill does not request always:true, does not modify other skills or system-wide settings, and has no install steps that change persistent system state. Agent autonomous invocation is enabled (the platform default) but is not compounded by other concerning privileges.