Skill v1.0.2
ClawScan security
ClawTV · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 14, 2026, 5:23 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, instructions, and required Anthropic API key are coherent with its stated purpose (vision-driven Apple TV remote); the main risks are expected privacy/cost trade-offs (screenshots sent to Anthropic, plaintext local storage of pairing/Plex tokens).
- Guidance: This skill is coherent for its purpose but handles sensitive data: screenshots of your TV are saved locally and (when using the AI 'do' mode) transmitted to Anthropic; only enable that mode if you trust sending those images externally. Plex tokens and Apple TV pairing credentials are stored unencrypted in ~/.clawtv/config.json; do not place secrets there if you cannot accept plaintext storage. Use a budget-limited Anthropic key, monitor API usage (the 'do' loop can make many calls), restrict file permissions on ~/.clawtv/, and prefer manual commands (cmd/type/launch/plex) when you want zero external data transmission. If you need higher assurance, inspect the included clawtv.py before running and consider running it in a restricted account or VM.
Review Dimensions
- Purpose & Capability (ok): The skill claims to perform vision-based Apple TV navigation and indeed requires Python and an Anthropic API key for the 'do' (vision) mode. Optional Plex integration is implemented and the README/requirements include plexapi. Requested artifacts (python3, ANTHROPIC_API_KEY) align with the described functionality.
- Instruction Scope (note): SKILL.md and README explicitly instruct the agent to capture screenshots, save them to ~/.clawtv/screenshots/, and transmit screenshots + conversation history to Anthropic for the AI 'do' loop. Manual commands bypass the API. This behavior is within the stated scope but has clear privacy implications (screenshots may contain sensitive UI content) and should be understood before enabling AI mode.
- Install Mechanism (ok): No install spec is provided (instruction-only), which minimizes automatic disk writes by the registry installer. The package includes a Python single-file implementation and a requirements.txt referencing expected libraries (pyatv, anthropic, plexapi). No downloads from untrusted URLs or extract operations are present in registry metadata.
- Credentials (note): Only ANTHROPIC_API_KEY is required by the skill (primary credential) which is appropriate for a vision/LLM integration. Optional Plex credentials are stored in ~/.clawtv/config.json for direct Plex control; these are not required by the skill but when used are stored unencrypted. The number and type of credentials requested are proportionate, but users should be aware of plaintext storage of pairing and Plex tokens.
- Persistence & Privilege (ok): The skill does not request always:true or elevated platform privileges. It persists data to user-home paths (~/.clawtv/) only and stores its own config and screenshots there, which is normal for a CLI tool. Persistent presence and autonomous invocation defaults are not abused.
