Skill v1.0.0

ClawScan security

Meta Ads Collector · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Mar 5, 2026, 3:39 AM
Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary
The skill's purpose (querying Meta's Ad Library) is coherent, but the SKILL.md expects sensitive Meta credentials and local code files that are not declared in the registry — these mismatches warrant caution before installing.
Guidance
This skill describes how to query Meta's Ad Library but the registry metadata does not declare the required credentials or include any code. Before installing:

1) Confirm the skill's origin and trustworthiness (no homepage/source provided).
2) Ask the publisher to update the registry to declare required env vars (META_ACCESS_TOKEN, META_APP_ID, META_APP_SECRET) so you know what secrets will be needed.
3) Request the actual implementation (metaAdsService.ts and related code) to review how tokens are used/stored and to verify there is no data exfiltration beyond the intended API calls.
4) Ensure your Facebook App has minimally scoped, reviewed Ad Library access and rotate any secrets after testing.

If you cannot verify these points, treat this skill as unsafe to grant production credentials to.

Review Dimensions

Purpose & Capability
ok: Name and description match the instructions: the skill queries the Meta/Facebook Ad Library to produce ad counts, formats, types, durations, and optional spend estimates — that's consistent with the declared purpose.
Instruction Scope
concern: The runtime instructions assume environment variables (META_ACCESS_TOKEN, META_APP_ID, META_APP_SECRET) and local modules (metaAdsService.ts, src/types/audit.types.ts) that are not present in the registry or package. SKILL.md directs the agent to call the external Meta Graph API (expected) but also references application internals and logging behavior that won't exist for an instruction-only skill as published.
Install Mechanism
ok: No install spec and no code files — lowest-risk distribution model — but also means the SKILL.md is purely a specification/instruction and depends on external implementation that isn't bundled.
Credentials
concern: The instructions require sensitive credentials (META_ACCESS_TOKEN, META_APP_ID, META_APP_SECRET) yet the registry lists no required environment variables or primary credential. This is a mismatch: the skill needs secrets to function but does not declare them, so users may be surprised or the agent may attempt to prompt for or mishandle secrets.
Persistence & Privilege
ok: The skill is not always-enabled and does not request elevated platform privileges. Autonomous invocation is allowed (default) but that alone is expected and not a new concern here.