Skill v1.0.0

ClawScan security

Blogburst 3.1.2 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Review: Mar 15, 2026, 8:57 AM
Verdict: Review
Confidence: medium
Model: gpt-5-mini
Summary
The skill's stated purpose (a marketing agent that uses BlogBurst's API) matches its requirements, but the runtime instructions include steps that can expose your API key and encourage insecure setup practices.
Guidance
This skill appears to do what it says (it calls the BlogBurst API), but follow these precautions before installing or using it:

- Do not run `echo $BLOGBURST_API_KEY` in shared terminals or where output is logged — that prints your secret.
- Avoid passing the API key directly in command-line arguments (curl -H 'X-API-Key: ...') because process listings and logs can expose it; prefer methods that keep secrets out of the command string (e.g., use a client that reads the env var internally, or an API client that reads from a secure store).
- Be cautious about copying the export line into ~/.zshrc if you use a different shell or if others use the same machine; consider exporting the key in a session or using a per-project environment file with restricted permissions.
- Create a limited-scope or revocable API key in BlogBurst if possible; test with a non-production key first.
- Review BlogBurst's account/connection settings (which social accounts it can control) and audit activity logs after enabling auto-posting.
- If you plan to let the agent act autonomously, understand it can post and engage using your connected accounts — give it the minimum permissions needed and monitor initial activity.

If you want a safer integration, ask the skill author to avoid echoing secrets and to show examples that keep the API key out of command arguments and logs.

Review Dimensions

Purpose & Capability: ok
Name/description align with what the skill asks for: a single BLOGBURST_API_KEY is reasonable because the service handles multi-platform posting and account connections.
Instruction Scope: concern
SKILL.md instructs the agent to run `echo $BLOGBURST_API_KEY` (which prints the secret) and to invoke curl commands that embed the API key in command-line arguments (via -H "X-API-Key: $BLOGBURST_API_KEY"). Both actions can leak the key to terminal history, shared logs, or process listings. It also advises modifying ~/.zshrc unconditionally (shell-specific) and tells the agent to use exec/curl exclusively. These steps are within the stated purpose but include insecure guidance that increases credential exposure risk.
Install Mechanism: ok
Instruction-only skill with no install spec or third-party downloads — low installation risk.
Credentials: note
Only requests one environment variable (BLOGBURST_API_KEY), which is proportionate. However, the instructions' handling of that secret (echoing it and embedding it in command-line args) is insecure and unnecessary.
Persistence & Privilege: ok
Does not request 'always: true' and does not modify other skills or system-wide configs beyond advising the user to add an env var to their shell rc. Autonomous invocation (disable-model-invocation: false) is normal for this category.