Skill v1.0.0
ClawScan security
Toast · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 7, 2026, 4:52 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, required environment variables, and instructions are consistent with a CLI for the Toast POS API and do not request unrelated credentials or install arbitrary software.
- Guidance: This skill appears to be a straightforward Toast API CLI. Before installing:
  1) Be prepared to provide TOAST_API_KEY and TOAST_RESTAURANT_GUID (use a scoped API key with minimal permissions).
  2) Note the script will try a fallback .env at $WORKSPACE or ~/.openclaw/workspace/.env — ensure that file does not contain unrelated secrets you don't want the skill to read.
  3) The homepage/publisher (agxntsix.ai / M. Abidi) is not Toast's official domain; if you require vendor trust, verify the author or review the included scripts yourself (the full Python source is bundled).
  4) If you want to restrict exposure, run the script in an environment that only contains the Toast credentials and no other secrets.
Review Dimensions
- Purpose & Capability (ok): The name/description match the code and SKILL.md: the included Python CLI calls api.toasttab.com and exposes commands for orders, menus, employees, revenue centers, and restaurant info. The two required env vars (TOAST_API_KEY, TOAST_RESTAURANT_GUID) are exactly what the API client needs.
- Instruction Scope (note): SKILL.md describes running the bundled scripts and JSON output. The CLI code will also attempt to read credentials from a .env file at WORKSPACE (or default ~/.openclaw/workspace/.env) if the environment variables are not set. That behavior is reasonable for credential lookup but is not documented in SKILL.md and therefore worth noting.
- Install Mechanism (ok): No install or remote download steps are present. The skill is instruction-only with a local script that uses only the Python standard library.
- Credentials (note): The skill declares only TOAST_API_KEY (primary) and TOAST_RESTAURANT_GUID which are appropriate. The code also reads the WORKSPACE env var (to locate a .env file) and may load values from ~/.openclaw/workspace/.env; WORKSPACE is not declared in requires.env, so callers should be aware the script uses it as a fallback.
- Persistence & Privilege (ok): The skill does not request permanent presence (always: false), does not modify other skills or system configs, and runs as a plain CLI tool. Autonomous invocation is allowed by default but not excessive here.
