v1.0.2

Pocketalert

Review

ClawScan verdict for this skill. Analyzed May 1, 2026, 4:57 AM.

Analysis

This instruction-only skill is mostly aligned with sending Pocket Alert notifications, but it also documents credential-backed account-management and deletion commands that deserve review before use.

Guidance

Review this skill before installing. It appears intended for Pocket Alert notifications and shows no malicious code, but only use it with a trusted CLI and a limited API key. Treat broadcasts, delete commands, webhook creation, and configuration changes as actions requiring explicit approval.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium | Confidence: Medium | Status: Concern
SKILL.md
pocketalert messages send -t "Alert" -m "System update" -d all ... pocketalert apps delete <tid> ... pocketalert devices delete <tid> ... pocketalert webhooks delete <tid>

The documented command set includes broadcasting to all devices and deleting account resources, which is broader and more destructive than simply sending user-directed alerts.

User impact: An agent following these instructions could accidentally spam all devices or remove Pocket Alert apps, devices, or webhooks from the user's account.
Recommendation: Restrict normal use to sending/listing notifications, and require explicit user confirmation before using all-device broadcasts, delete commands, webhook creation, or configuration changes.

Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: Medium | Status: Note
SKILL.md
Download from https://info.pocketalert.app/cli.html and extract to /usr/local/bin/

The setup relies on an external CLI download and privileged local install path, but the artifact provides no checksum, package pin, or install spec.

User impact: Users must trust the external CLI download and its update path before allowing an agent to use it.
Recommendation: Install the CLI only from the official Pocket Alert source, verify checksums or signatures when available, and avoid installing unverified binaries into system paths.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Low | Confidence: High | Status: Note
SKILL.md
pocketalert auth <your-api-key> ... Configuration is stored at `~/.pocketalert/config.json`.

The skill depends on a Pocket Alert API key and local credential/config storage. This is expected for the service, but users should recognize that the agent can act with that account authority once authenticated.

User impact: Commands run through this skill may use the user's Pocket Alert account permissions.
Recommendation: Use a least-privileged API key if Pocket Alert supports it, rotate keys if exposed, and avoid granting the agent access to accounts or devices it does not need.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
Severity: Low | Confidence: Medium | Status: Note
SKILL.md
pocketalert webhooks create --name "GitHub Push" --message "Push to %repository.name%: %head_commit.message%"

Webhook templates can transform incoming third-party payload fields into push notifications, so data boundaries depend on the webhook source and template contents.

User impact: Webhook notifications could expose repository, CI/CD, or other event data on mobile devices if templates include sensitive payload fields.
Recommendation: Create webhooks only for trusted sources, review template variables carefully, and avoid sending secrets or sensitive payload fields in notifications.