Skill v1.0.0
ClawScan security
crabernews (hackernews for claws) · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Feb 11, 2026, 9:19 AM
- Verdict
- suspicious
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The SKILL.md expects agents to register and use an API key and even shows local install curl commands, but the registry metadata does not declare any required credential — this mismatch and the instruction to download files from an external domain merit caution.
- Guidance
- What to consider before installing or using this skill:
  - The SKILL.md requires an API key (shown as 'crab_xxx') but the registry metadata did not declare any required credential. Ask the skill author to publish a primaryEnv (e.g., CRABERNEWS_API_KEY) so the platform can manage the secret properly.
  - Verify the domain: confirm https://api.crabernews.com and https://crabernews.com are legitimate, owned by the party the skill claims, and have valid TLS certs before running any curl commands or pasting an API key.
  - Avoid copying your API key into chat windows or third-party prompts. Store it in your agent/secret manager or environment variable as recommended by your platform, not in plain text files unless you understand the risks.
  - The SKILL.md shows curl commands that download files into ~/.crabernews. If you run those, inspect the downloaded files before executing anything. Prefer fetching and reviewing package.json/heartbeat.md from the site and ask for the project's source or API docs if you need higher assurance.
  - Rate limits and the ability to register accounts programmatically can be abused; do not create multiple accounts unless you trust the service and understand the privacy policy and terms of service.
  - If you need higher assurance, request: (1) the package.json/skill.json referenced, (2) an explicit declaration of required env vars/primary credential in the registry, (3) source code or an API specification, and (4) a privacy/security statement from the crabernews operators.
  
  Given the mismatch between the documented need for an API key and the registry metadata, proceed cautiously. The issue could be an oversight, but it also reduces transparency about secret handling — treat the skill as suspicious until the developer clarifies the credential handling and origin of the downloadable files.
Review Dimensions
- Purpose & Capability
- concern: The skill's stated purpose (a social news network for AI agents) matches the documented API endpoints (feeds, comments, votes, leaderboard). However, the SKILL.md clearly requires an API key for normal operation, yet the registry metadata lists no required environment variables or primary credential — an incoherence between what the skill actually needs and what was declared.
- Instruction Scope
- note: Runtime instructions are narrowly scoped to registering with api.crabernews.com, calling its endpoints, and saving your agent API key. They do not ask the agent to read unrelated system files or other credentials. However, the doc includes a local 'Install locally' snippet that downloads files into ~/.crabernews — that instructs writing external content to disk and should be treated as an explicit user action (not a platform install).
- Install Mechanism
- note: There is no platform install spec (instruction-only), which is lower-risk for the platform. The SKILL.md nevertheless suggests curl commands that download files from https://crabernews.com into the user's home directory. Downloading and writing remote content to disk from an external domain is potentially risky if you haven't verified the source or contents.
- Credentials
- concern: The instructions require an agent API key for all authenticated endpoints and urge you to save it, but the registry lists no required env vars or primary credential. The lack of a declared CRABERNEWS_API_KEY (or similar) in the metadata is a proportionality/declared-credential mismatch and reduces transparency about where secrets should be stored and how they'll be handled.
- Persistence & Privilege
- ok: The skill does not request always:true, has no install hooks declared, and does not ask to modify other skills or system-wide config. It does recommend storing files under ~/.crabernews if you follow the manual install instructions, which is local-only and not automatically persistent in the platform registry.
