Skill v1.0.1

ClawScan security

Zinc Universal Checkout · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 12, 2026, 12:39 AM
Verdict
benign
Confidence
medium
Model
gpt-5-mini
Summary
Skill appears to do what it says (talk to Zinc's API using a Zinc API key); it's instruction-only with no install, but there is a minor metadata inconsistency and some operational details you should review before enabling it.
Guidance
This skill is internally consistent with its stated purpose of interacting with the Zinc API and is instruction-only (no install or code), but check these before installing:
1) Provide a ZINC_API_KEY from app.zinc.com; prefer setting it as an environment variable rather than embedding it in ~/.openclaw/openclaw.json or other plaintext files.
2) Confirm the agent will always ask the user before POSTing orders (SKILL.md says it should); if your agent can act autonomously, restrict that when money is involved.
3) Be aware the skill schedules follow-up checks and posts announcements to channels; if you don't want automated messages, limit the agent's scheduler/messaging permissions.
4) The package metadata omitted the required env var; verify the runtime will actually be given the API key (and not left unset).
If you need stronger assurance, ask the skill author for a signed/official source or a repository link.
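Checks 1 and 4 above (the key comes from the environment rather than a plaintext config, and the metadata actually declares the credential the docs require) can be scripted as a preflight before enabling the skill. The script below is an added example, not ClawScan output or code from the Zinc Universal Checkout skill; it assumes the package metadata carries a `requiredEnv` list (the real ClawHub schema is not shown on this page) and uses constructed SKILL.md, README and openclaw.json snippets that mirror what the report describes.

```python
"""Preflight checks for an instruction-only skill before enabling it.

Added example, not ClawScan or skill code. The `requiredEnv` metadata key,
the document snippets and the config layout below are assumptions/constructed.
"""
import json
import os
import re

# Heuristic: uppercase identifiers ending in a credential-like suffix.
CRED_PATTERN = re.compile(r"\b([A-Z][A-Z0-9_]*(?:_KEY|_TOKEN|_SECRET|_PASSWORD))\b")


def referenced_credentials(*docs):
    """Credential env vars mentioned anywhere in the skill's documentation."""
    found = set()
    for doc in docs:
        found.update(CRED_PATTERN.findall(doc))
    return found


def declared_credentials(metadata):
    """Env vars the package metadata declares (`requiredEnv` is an assumed key)."""
    return set(metadata.get("requiredEnv", []))


def plaintext_secrets_in_config(config_text, names):
    """Dotted paths of credential names stored with a non-empty value in a JSON config."""
    try:
        cfg = json.loads(config_text)
    except json.JSONDecodeError:
        return []
    hits = []

    def walk(node, path):
        if isinstance(node, dict):
            for key, val in node.items():
                if key in names and isinstance(val, str) and val.strip():
                    hits.append(".".join(path + [key]))
                else:
                    walk(val, path + [key])
        elif isinstance(node, list):
            for i, val in enumerate(node):
                walk(val, path + [str(i)])

    walk(cfg, [])
    return hits


def preflight(skill_md, readme, metadata, config_text, environ=None):
    """Run all checks; every finding list is empty when the skill is safe to enable."""
    env = os.environ if environ is None else environ
    referenced = referenced_credentials(skill_md, readme)
    return {
        "referenced": sorted(referenced),
        # Guidance item 4: the docs require a credential the metadata never declares.
        "undeclared_in_metadata": sorted(referenced - declared_credentials(metadata)),
        # Guidance item 1: the key is sitting in a plaintext config file.
        "plaintext_in_config": plaintext_secrets_in_config(config_text, referenced),
        # Guidance item 4: the runtime would start with the variable unset.
        "missing_from_runtime": sorted(n for n in referenced if not env.get(n)),
    }


# Constructed inputs mirroring what the report describes (not the real files).
SKILL_MD = (
    "# Zinc Universal Checkout\n"
    "Requires ZINC_API_KEY from app.zinc.com. Calls https://api.zinc.com "
    "(POST /orders, GET /orders). Always ask the user before POSTing an order.\n"
)
README = "Export ZINC_API_KEY, or add it to ~/.openclaw/openclaw.json.\n"
METADATA = {"name": "zinc-universal-checkout", "version": "1.0.1"}  # no requiredEnv
CONFIG_WITH_KEY = '{"skills": {"zinc": {"ZINC_API_KEY": "example-not-a-real-key"}}}'
CONFIG_CLEAN = '{"skills": {"zinc": {}}}'

if __name__ == "__main__":
    report = preflight(SKILL_MD, README, METADATA, CONFIG_WITH_KEY, environ={})
    for check, findings in report.items():
        print(f"{check}: {findings or 'ok'}")
```

Run against the constructed inputs, all three finding lists are non-empty: the metadata omits ZINC_API_KEY, the config stores it in plaintext, and the environment is unset. The same function returns empty lists once the key is exported, removed from openclaw.json, and declared in the metadata, which is the state the guidance asks you to reach before enabling the skill.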

Review Dimensions

Purpose & Capability
note: The skill's stated purpose (placing/listing/retrieving orders via Zinc) matches the instructions, which call https://api.zinc.com and require a ZINC_API_KEY. However, the registry metadata in the package lists no required env vars / primary credential, while both SKILL.md and README.md clearly say ZINC_API_KEY is required; this metadata omission is an inconsistency to be aware of.
Instruction Scope
note: SKILL.md only describes Zinc API endpoints (POST /orders, GET /orders) and includes example curl, error handling, and polling instructions. It also instructs the agent to schedule cron-like checks and 'announce' results to a channel; that is consistent with asynchronous order processing but means the agent will use platform scheduling/messaging features, so confirm you expect that behavior. The skill explicitly requires user confirmation before placing orders, which is good practice.
Install Mechanism
ok: Instruction-only skill with no install spec and no code files, the lowest-risk distribution model (nothing is downloaded or written by an installer).
Credentials
note: Only a single credential (ZINC_API_KEY) is needed according to SKILL.md/README, which is proportional to the stated purpose. Note: README documents an option to embed the key in an OpenClaw config (~/.openclaw/openclaw.json) instead of using an environment variable; storing secrets in plaintext config files increases risk and should be avoided if possible. Also note that the package metadata's failure to declare the required env var is an administrative inconsistency.
Persistence & Privilege
ok: Skill does not request always:true or any elevated platform privilege. It includes instructions to schedule follow-up checks using the agent's scheduler/messaging mechanisms, which is reasonable for async order tracking but means the agent will create scheduled tasks/announcements if allowed; ensure your agent's scheduler permissions are constrained as you expect.