Skill v1.0.0
ClawScan security
Pub Clawdhub · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 12, 2026, 8:21 AM
- Verdict: benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill is an instruction-only wrapper for the SkillBoss (heybossai.com) API and its requested credential (SKILLBOSS_API_KEY) matches that purpose; minor documentation mismatches and the lack of a verifiable source reduce confidence.
- Guidance: This skill is an instruction-only API client for a third-party service (api.heybossai.com) and asks only for SKILLBOSS_API_KEY. Before installing:
  1. Confirm you trust the service owner (no homepage/source listed here).
  2. Provide a scoped API key with limited permissions and billing limits (don’t reuse a high-privilege key).
  3. Expect that any data you send (prompts, files, URLs) will go to that external API — avoid sending sensitive secrets.
  4. The SKILL.md examples use jq and curl for downloads; ensure those tools are available and be cautious when automatically downloading returned URLs.
  5. Note the doc mentions a 'CLI' but uses API curl examples — verify whether you need a local CLI or the API is sufficient.
  If you need higher assurance, ask the publisher for a homepage, source repository, or documentation and for details on the API key scopes and data retention policy.
Review Dimensions
- Purpose & Capability [note]: The name/description advertise a 'ClawdHub CLI' and skill management plus 50+ models; the SKILL.md actually provides curl examples against https://api.heybossai.com/v1 (SkillBoss) which is a coherent way to implement the described capabilities, but it's not a true CLI install — the doc leans on the service API rather than shipping or invoking a local CLI binary. This mismatch is likely benign (API vs CLI), but it's worth noting.
- Instruction Scope [note]: Runtime instructions are limited to making HTTP calls (curl) to the SkillBoss API and saving returned URLs (curl -sL "$URL" -o ...). They do not instruct reading local secrets or unrelated files. Examples use jq for JSON parsing, though the required binaries list names none (jq may not be present). The skill will cause data to be sent to api.heybossai.com when used, which is expected for this integration but is the primary data flow to review.
- Install Mechanism [ok]: No install spec or code files are included (instruction-only), so nothing is written to disk or auto-installed by the skill. This is low-risk from an installation standpoint.
- Credentials [note]: Only SKILLBOSS_API_KEY is required and used in the provided examples; that is appropriate for an API client. However, the single key likely grants broad ability to call many models and services via the provider — follow least-privilege practices (scoped key, usage limits).
- Persistence & Privilege [ok]: 'always' is false and the skill does not request any persistent system-level privileges or modify other skills. Model invocation is allowed (default), which is normal for skills. There is no evidence of the skill asking for permanent presence or higher privileges.
