Back to skill
Skillv1.0.0
ClawScan security
usewhisper · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignFeb 13, 2026, 5:25 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's requirements and behavior are coherent with its stated purpose (compressing and caching context and storing/retrieving memories) and nothing in the package requests unrelated privileges or credentials.
- Guidance
- This skill appears coherent with its stated purpose, but review and consider the following before installing: 1) Privacy: ingest_session sends user and assistant text to the remote API—ensure you trust the service and its data-retention policies. 2) Secrets: keep WHISPER_CONTEXT_API_KEY secret and rotate it if needed. 3) Default endpoint: the script defaults to https://context.usewhisper.dev—if you have a different endpoint (self-hosted or internal), set WHISPER_CONTEXT_API_URL. 4) Auto-create behavior: the helper may create projects in your org on first use—be aware it will perform write operations remotely. 5) Review the included whisper-context.mjs script yourself (or have an engineer do so) if you have high security requirements; the code is small and uses only fetch and explicit file/stdin reads.
Review Dimensions
- Purpose & Capability
- okName/description, required binary (node), and required env vars (WHISPER_CONTEXT_API_KEY, WHISPER_CONTEXT_PROJECT) match the declared purpose of calling a remote Whisper Context API. The helper's commands (query_context, ingest_session, memory_* etc.) are directly relevant to context compression, caching, and memory management.
- Instruction Scope
- noteSKILL.md and the included script limit local data access to explicit inputs (flags, @file paths, or stdin). The instructions clearly state that ingest_session will send user and assistant text to the remote Context API — a necessary behavior for long-term memory but a privacy consideration. There are no vague 'gather whatever context you need' directives; behavior is explicit.
- Install Mechanism
- okNo install spec is present (instruction-only install via ClawHub is documented), and the package includes a single Node script rather than an archive download or installer. This minimizes filesystem persistence risk compared to arbitrary downloads.
- Credentials
- okThe skill requests only an API key and project identifier for the remote service (plus an optional API URL). It does not request unrelated credentials or config paths. The required secret (WHISPER_CONTEXT_API_KEY) is proportionate to its function; SKILL.md explicitly warns to treat this as a secret.
- Persistence & Privilege
- okThe skill does not request always:true and does not modify other skills or system-wide settings. It can be invoked autonomously (platform default) but has no unusual persistent privileges.