Endpoints
Pass
Audited by ClawScan on May 10, 2026.
Overview
This appears to be a legitimate Endpoints API toolkit, but it uses an API key, can upload and delete account data, installs npm dependencies, and saves results locally.
Install this only if you trust endpoints.work and the skill source. Set the API key and API URL carefully, scan only intended documents, confirm delete actions explicitly, and clean up the results/ folder if it contains sensitive data.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Running the skill grants it access to the user's Endpoints account. If ENDPOINTS_API_URL is changed to an untrusted host, the key and uploaded data could be sent there.
The code reads an API key from the environment and sends it as a Bearer token to the configured API URL.
const API_URL = process.env.ENDPOINTS_API_URL || "https://endpoints.work"; const API_KEY = process.env.ENDPOINTS_API_KEY; ... Authorization: `Bearer ${API_KEY}`; ... await fetch(url, { ...options, headers })
Use only a trusted ENDPOINTS_API_URL, keep the API key private, and rotate the key if it is exposed.
A mistaken or ambiguous delete request could remove data from the user's Endpoints account.
The skill intentionally exposes destructive API actions that can remove endpoint data and associated files.
`deleteEndpoint(path)` | Delete endpoint and all associated files
`deleteItem(itemId)` | Delete a single item by its 8-char ID
Ask for an exact endpoint path or item ID and explicit confirmation before running delete functions.
Documents selected for scanning are sent to the external Endpoints service for AI extraction.
The scanFile function reads a user-provided local file path and uploads that file to the Endpoints scan API.
const fileContent = readFileSync(filePath); ... formData.append("files", new Blob([fileContent]), fileName); ... apiRequest<ScanResult>("/api/scan", ...)
Only scan files the user intentionally selected and is comfortable uploading to the provider.
Sensitive document information may remain on disk after the task completes.
The workflow persists API responses and summaries locally, which may include extracted document text, entities, file URLs, and metadata.
All results automatically save as JSON files to `results/{category}/`... read the saved JSON files and create a markdown summary in `results/summaries/`
Review and delete the results/ directory when working with sensitive documents, and avoid sharing saved summaries unintentionally.
Installing dependencies downloads and runs standard npm package installation logic from the npm ecosystem.
The skill requires a local npm dependency installation even though the registry says there is no install spec. The provided package.json shows standard dependencies and no postinstall script.
Install dependencies: cd scripts && npm install
Install only in a trusted environment and review package.json/package-lock.json if supply-chain provenance matters.
