Skill v1.1.0

ClawScan security

Placed Resume Builder · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Mar 21, 2026, 10:01 PM
Verdict
suspicious
Confidence
high
Model
gpt-5-mini
Summary
The skill's runtime instructions look appropriate for a resume builder, but the published metadata omits that it requires a PLACED_API_KEY, persists it to a credentials file, and instructs saving that key in plaintext. The metadata inconsistency and the plaintext persistence together warrant caution.
Guidance
What to know and steps before installing:
- Inconsistency to fix: the registry metadata says no env vars/config paths, but SKILL.md reads and writes PLACED_API_KEY and ~/.config/placed/credentials. Ask the publisher to correct the metadata so the required secret and config path are explicit.
- Credential persistence: the skill instructs saving your API key in plaintext as an 'export' line in ~/.config/placed/credentials. If you install/use this skill, do NOT paste a high-privilege or long-lived key unless you trust the site. Prefer creating a limited-scope or revocable API key for this purpose.
- Safer alternatives: instead of allowing the automatic file write, set PLACED_API_KEY in your environment/session yourself or use a system keyring/secret manager. If the skill must save a file, ensure the file permissions are restrictive (chmod 600) and the directory is private.
- Verify the service: confirm you trust https://placed.exidian.tech (TLS certificate, privacy policy, and account settings). The curl endpoint used is https://placed.exidian.tech/api/mcp; check network traffic or logs if you need to audit what is sent.
- Minimal exposure: if you proceed, create a dedicated API key with the least privileges required and be prepared to revoke it if you stop using the skill or if you detect misuse.
- Ask for clarification: request that the publisher explicitly declare requires.env: PLACED_API_KEY and the required config path ~/.config/placed/credentials in the skill metadata, explain why they persist the key, and state whether encryption/permission guidance is provided.
Overall: the skill appears to do what it says, but the undocumented handling and plaintext persistence of your API key is why this is 'suspicious' rather than 'benign.'
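As an added example (not part of the scanner's report and not the skill's own SKILL.md), the POSIX shell below contrasts the plaintext 'export' write the skill asks for with a hardened version: the directory is made private, the file is created under umask 077 and pinned to mode 600, and the loader refuses to source the file if group or other bits are set, so a leaky credentials file is never silently used. The PLACED_CRED_FILE override variable, the function names, and the sample key are assumptions introduced here for illustration (the override exists so the functions can be exercised against a scratch directory); the real path and variable name are the ones the report quotes.

```shell
#!/bin/sh
# Added example, not the skill's own SKILL.md: store PLACED_API_KEY with
# restrictive permissions and refuse to load it from a file others can read.
# PLACED_CRED_FILE is an assumed override (illustration only) so the functions
# can be exercised against a scratch directory; the path the skill actually
# uses is ~/.config/placed/credentials.

PLACED_CRED_FILE="${PLACED_CRED_FILE:-$HOME/.config/placed/credentials}"

# Escape single quotes so the key can be written inside '...' safely.
placed_quote() {
    printf '%s' "$1" | sed "s/'/'\\\\''/g"
}

# Weak form, equivalent to what the instructions ask for: directory and file
# are created under the ambient umask (commonly 022), so the key ends up
# group- and world-readable unless the user remembers to chmod it afterwards.
placed_store_key_weak() {
    mkdir -p "$(dirname "$PLACED_CRED_FILE")" || return 1
    printf "export PLACED_API_KEY='%s'\n" "$(placed_quote "$1")" > "$PLACED_CRED_FILE"
}

# Hardened form: private directory (0700), file created under umask 077 so it
# is never even momentarily readable by others, then pinned to 0600.
placed_store_key() {
    dir=$(dirname "$PLACED_CRED_FILE")
    mkdir -p "$dir" && chmod 700 "$dir" || return 1
    old_umask=$(umask)
    umask 077
    printf "export PLACED_API_KEY='%s'\n" "$(placed_quote "$1")" > "$PLACED_CRED_FILE"
    rc=$?
    umask "$old_umask"
    [ "$rc" -eq 0 ] || return 1
    chmod 600 "$PLACED_CRED_FILE"
}

# Returns 0 if the credentials file exists and has no group/other permission
# bits. stat -c is GNU, stat -f is BSD/macOS; try both.
placed_cred_perms_ok() {
    [ -f "$PLACED_CRED_FILE" ] || return 1
    mode=$(stat -c '%a' "$PLACED_CRED_FILE" 2>/dev/null \
        || stat -f '%Lp' "$PLACED_CRED_FILE" 2>/dev/null) || return 1
    mode=$(printf '%s' "$mode" | sed 's/.*\(...\)$/\1/')   # last three octal digits
    case "$mode" in
        ?00) return 0 ;;
        *)   return 1 ;;
    esac
}

# Source the file only when it passes the permission check; otherwise leave
# PLACED_API_KEY unset so a world-readable file is never silently used.
placed_load_key() {
    if placed_cred_perms_ok; then
        . "$PLACED_CRED_FILE"
        [ -n "${PLACED_API_KEY:-}" ]
    else
        unset PLACED_API_KEY
        return 1
    fi
}
```

The permission check belongs in the loader, not only in the writer: the skill's own instructions source the file on every run, so a file that was later copied, restored from backup, or created by an earlier version with default permissions would otherwise keep working unnoticed. To audit what the skill's curl call actually sends to https://placed.exidian.tech/api/mcp, add curl's --trace-ascii <file> to the command (or route it through a local intercepting proxy); the key travels in that request, so treat the trace file as sensitive as the credentials file.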

Review Dimensions

Purpose & Capability
concern
The SKILL.md clearly describes a resume-building integration with placed.exidian.tech, and the curl API calls align with that purpose. However, registry metadata claims no required env vars or config paths while the instructions depend on PLACED_API_KEY and the ~/.config/placed/credentials file; this mismatch is unexplained and inconsistent.
Instruction Scope
concern
Runtime instructions require sourcing and writing ~/.config/placed/credentials, prompting the user for an API key if missing, and then persistently saving that key as an export line in a file. Apart from calling the placed API (curl) and minimal local file I/O for credentials, there is no other I/O, but the directive to write credentials in plaintext is a scope/behavior the registry did not declare.
Install Mechanism
ok
This is an instruction-only skill with no install steps and no code files to fetch or execute. That minimizes installation risk.
Credentials
concern
Functionally the skill needs exactly one secret (PLACED_API_KEY) for the Placed API, which is proportionate. But the package metadata did not declare this primary credential or the config path; additionally, the skill instructs storing the secret unencrypted in ~/.config/placed/credentials, which is a security concern and should have been declared.
Persistence & Privilege
note
The skill does not request elevated platform privileges or always: true. It does instruct persistent storage of the user's API key under ~/.config/placed/credentials (creates the directory and writes an 'export' line), which is normal for convenience but increases attack surface if the file is world-readable or the key is reused elsewhere.