Skill v0.1.4
ClawScan security
Zulk Short URL Skill · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 15, 2026, 5:30 PM
- Verdict: benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's files and runtime instructions match its stated purpose (an MCP-based URL shortener integration); nothing in the bundle demands unrelated credentials or system-wide access, though it does rely on running MCP helper tooling via npx and an external OAuth flow which you should verify before use.
- Guidance: This skill is internally consistent with its stated purpose, but before installing: (1) verify the external endpoints (https://mcp.zu.lk and https://zu.lk) and the GitHub repository are legitimate; (2) be cautious about running 'npx mcp-remote' since npx fetches and runs code from npm — inspect the mcp-remote package and its source first; (3) OAuth will open a browser to grant access — check the requested scopes during sign-in; (4) the included configure.sh only prints a suggested MCP JSON snippet and does not write files, but you should manually add configuration to your agent rather than running scripts you haven't audited; (5) if you want to limit risk, do not allow autonomous invocation or restrict the skill to user-invoked only in your agent settings.
Review Dimensions
- Purpose & Capability (ok): Name/description describe an MCP-backed URL shortener. SKILL.md, README, and the small helper script all focus on adding an MCP server and using OAuth for authentication — these are expected for this purpose. No unrelated services or credentials are requested.
- Instruction Scope (ok): Runtime instructions limit actions to: adding an MCP server entry to agent config, initiating an OAuth sign-in, and calling MCP tools to create/list/manage links and analytics. The included configure.sh only prints a JSON snippet and suggests likely config paths; it does not modify files or exfiltrate data.
- Install Mechanism (note): There is no install spec (instruction-only), which is low-risk. However SKILL.md suggests using 'npx mcp-remote ...' (mcp_command). Using npx will fetch/execute a package from the npm registry at runtime — common but worth validating the package (mcp-remote) and its integrity before executing.
- Credentials (ok): The skill requests no environment variables or stored credentials in its metadata. Authentication is described as an OAuth browser flow, which is appropriate for an external service and does not require embedding secrets in agent env vars.
- Persistence & Privilege (ok): The skill is not force-included (always: false) and does not request persistent system-level privileges. The bundle does not modify other skills or global agent configs; the configure script only prints suggested config JSON for manual addition.
