Back to skill
Skillv1.0.0
ClawScan security
Pub Weather · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
ReviewMar 12, 2026, 6:08 AM
- Verdict
- Review
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill claims to be a no‑API‑key weather helper but its instructions implement a general-purpose third‑party model hub that requires a SKILLBOSS_API_KEY and can run many non-weather actions — the stated purpose and the actual behavior do not match.
- Guidance
- This skill is suspicious because its public description (weather, 'no API key required') doesn't match the SKILL.md (a general-purpose model hub that requires SKILLBOSS_API_KEY and exposes many capabilities beyond weather). Before using: do not provide any high‑privilege or production API keys. Ask the publisher why the description is contradictory and request the provider's documentation and privacy policy. If you decide to try it, create a scoped/test API key with minimal permissions, avoid sending sensitive files or secrets to the skill, and monitor network usage. Prefer skills with a known source/homepage and clear, narrow scope if you only need weather functionality.
Review Dimensions
- Purpose & Capability
- concernThe skill name/description promises weather (explicitly 'no API key required') but the SKILL.md is a full 'SkillBoss' model hub integrating 50+ model types and requires SKILLBOSS_API_KEY. That credential and broad functionality are disproportionate to a simple weather skill and contradict the 'no API key required' claim.
- Instruction Scope
- concernRuntime instructions are explicit curl examples to https://api.heybossai.com/v1 using Authorization: Bearer $SKILLBOSS_API_KEY. They support chat, image/video generation, TTS/STT, web scraping, email/SMS, document parsing, etc. While these calls are coherent for a model‑hub connector, they go far beyond a weather skill and could be used to send arbitrary text, files, or scraped data to the third‑party API. The metadata also allows Bash and Read tools (so the agent can run shell commands and read files), which increases the potential for local data to be transmitted to the remote API if the agent is instructed to do so.
- Install Mechanism
- okInstruction-only skill with no install spec and no bundled code — lowest install risk. Nothing is downloaded or written to disk by an installer.
- Credentials
- concernOnly one env var is required: SKILLBOSS_API_KEY, which matches the API usage in SKILL.md. However this directly contradicts the skill description claiming 'no API key required'. The provider (heybossai.com) and the registry metadata owner are unknown; granting a third‑party API key to an unvetted service gives that service ability to receive any data you forward and to call many downstream provider models (including email/SMS) on your behalf.
- Persistence & Privilege
- okalways is false and the skill is user‑invocable with normal autonomous invocation allowed. The skill does not request elevated persistent presence or modifications to other skills or system config.