Skill v1.3.1
ClawScan security
Claw Calendar · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 30, 2026, 7:07 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's behavior (calling a user-provided calendar API with an API key) is coherent with its description, but there are metadata inconsistencies and provenance gaps you should verify before installing.
- Guidance: This skill appears to do exactly what it says (talk to a calendar API using an API key), but there are a few reasons to be cautious before enabling it:
  - Metadata mismatch: The SKILL.md expects CALENDAR_API_BASE_URL and CALENDAR_API_KEY, but the registry metadata you were shown lists no required env vars. Confirm which metadata is authoritative.
  - Provenance: The skill's top-level 'source' is unknown and homepage was listed as none, while SKILL.md references a GitHub repo. Verify the repository and owner (github.com/5twang/claw-calendar) to ensure the skill comes from a legitimate maintainer.
  - Trust the API endpoint: The skill will send whatever API key you provide to the configured CALENDAR_API_BASE_URL. Only supply an API key for a server you control or fully trust. Prefer creating a scoped API key with the minimal permissions needed for calendar operations.
  - Limit exposure: Avoid placing a high-privilege or long-lived key in a global environment variable. If the platform supports per-skill credentials or ephemeral tokens, use those. Rotate the API key if you suspect misuse.
  - Platform-specific references: SKILL.md mentions 'WorkBuddy settings' — confirm how and where the host platform expects you to configure environment values so you don't accidentally leak keys to the wrong place.

  If you want to proceed, first verify the upstream repo and owner, confirm the required env vars are accurate, and create a least-privilege API key for use with this skill.
Review Dimensions
- Purpose & Capability (ok): The skill's name and description claim calendar management and the SKILL.md only requests a base URL and an API key (CALENDAR_API_BASE_URL, CALENDAR_API_KEY) which is appropriate and expected for a calendar API integration.
- Instruction Scope (note): SKILL.md gives concrete API endpoints and authentication instructions (use X-API-Key header) and does not instruct the agent to read unrelated files or secrets. Minor oddity: the instructions tell users to configure values in 'WorkBuddy settings' (a product-specific reference) which may not match the host platform — this is a potential mismatch to confirm.
- Install Mechanism (ok): This is an instruction-only skill with no install spec and no code files, so nothing is downloaded or written by an install step. That lowers the installation risk surface.
- Credentials (concern): The required secrets (CALENDAR_API_BASE_URL and CALENDAR_API_KEY) are proportional to the claimed functionality. However, the registry metadata presented alongside the skill lists 'Required env vars: none' while SKILL.md declares those env vars and a primaryEnv; this inconsistency in declared requirements and the skill package metadata is concerning and should be reconciled before use.
- Persistence & Privilege (ok): The skill does not request persistent/always-on privileges (always=false) and is user-invocable. There is no code that would modify other skills or system-wide settings.
