Skill v0.19.6

ClawScan security

Cashu · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign
Feb 19, 2026, 10:48 AM
Verdict
Benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's requirements and instructions align with its stated purpose (wrapping the Nutshell/cashu CLI); nothing requested is disproportionate, but verify the mint URL and origin before giving it access to real funds.
Guidance
This skill is an instruction wrapper around the open-source 'cashu' (Nutshell) CLI and appears internally consistent. Before installing or using it: (1) verify you install the official cashu package (use pipx as recommended) and confirm its upstream repository/maintainers; (2) only set MINT_URL to a mint you trust—the skill can make payments automatically when invoked with --yes; (3) back up your mnemonic and protect CASHU_DIR if you plan to use real funds; (4) note minor metadata issues (no homepage/source listed and package.json version differs from registry metadata), so confirm origin if you need higher assurance.

Review Dimensions

Purpose & Capability
ok
Name/description (Cashu/Nutshell CLI for ecash and Lightning) match the declared requirements: it needs the cashu binary and MINT_URL/CASHU_DIR. The package.json also declares these requirements. No unrelated services, binaries, or credentials are requested.
Instruction Scope
ok
SKILL.md only instructs running the cashu CLI, setting CASHU_DIR and MINT_URL, and using standard HTTP calls when handling 402/X-Cashu flows. It does not instruct reading unrelated system files or exfiltrating data. The agent tip to use --yes is appropriate for non-interactive operation but enables automatic payments, which users should be aware of.
Install Mechanism
ok
No install spec in the skill bundle itself beyond guidance; package.json contains an install helper that runs 'pipx install cashu' (exec). pipx/pip is an expected distribution mechanism for this Python CLI. No obscure download URLs or archive extraction are present.
Credentials
ok
The only environment items required are CASHU_DIR and MINT_URL (and optionally a .env inside CASHU_DIR). These are appropriate and necessary for a CLI wallet. No unrelated secrets or cloud credentials are requested.
Persistence & Privilege
ok
The skill does not request always:true or elevated/system-wide configuration. It is user-invocable and allows autonomous model invocation by default (platform normal). It does not ask to change other skills or system settings.