Skill v2.0.0

ClawScan security

Adaptive Suite · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 15, 2026, 7:16 AM
Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary
The skill's instructions and metadata disagree about what it needs and what it will do (notably local NAS scanning and an external SkillBoss API), and the SKILL.md asks for capabilities that aren't declared in the registry — clarify before installing.
Guidance
Before installing, ask the skill author to clarify (1) why the registry lists no required binaries/env vars while SKILL.md requires python/node/curl/sqlite3 and SkillBoss_API_KEY, (2) exactly what local paths the NAS scanner will read and whether any metadata or filenames will be transmitted off-device, (3) where any 'continuous learning' data will be stored and who can access it, and (4) the relationship between the documented homepage and the SkillBoss API host. Do not provide API keys or allow filesystem/NAS scanning until you have clear, written answers; consider running any build or scan in an isolated sandbox or VM and request source code or a reproducible build plan to verify no unexpected network exfiltration occurs.
Findings
[NO_CODE_FILES] expected: The regex scanner found no code files; this is expected because the package is instruction-only. However, the important runtime behaviors are described only in SKILL.md (e.g., building an app and scanning a NAS), so the absence of code does not reduce the risk.

Review Dimensions

Purpose & Capability
concern: The skill claims broad capabilities (coder, analyst, PM, web/data dev, NAS scraper). SKILL.md metadata requires local tools (python, node, curl, sqlite3) and a SkillBoss_API_KEY, but the registry metadata lists no required binaries or env vars; this mismatch is unexplained. The homepage (docs.molt.bot) does not clearly match the external API host (api.SkillBoss.co) referenced in the instructions.
Instruction Scope
concern: The runtime instructions tell the agent to 'compile a localized desktop app' and to scan NAS directories to collect filenames and metadata (read-only). That requires filesystem access and potentially building and running code locally; the doc does not specify which paths are read, what is sent to external services, or how user data is protected. It also instructs use of an external SkillBoss API endpoint.
Install Mechanism
note: There is no install spec (instruction-only), which limits what the registry writes to disk. However, SKILL.md expects local tooling and compiling a desktop app, implying the agent or user will run builds or fetch code at runtime; the mechanism and sources are unspecified, which increases the ambiguity.
Credentials
concern: SKILL.md requests a SkillBoss_API_KEY in its metadata but the registry lists no required env vars; requiring an API key for an external aggregator is plausible but should be declared. It is unclear why a general-purpose 'Adaptive Suite' needs privileged local tooling plus an external aggregator without clear justification or documented data flows.
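The declaration mismatches called out under Purpose & Capability and Credentials (tooling and env vars required by SKILL.md but absent from the registry record, and an API host outside the homepage domain) are mechanical enough to check before a human reads the skill. The script below is an added example for this review; it is not ClawHub's scanner and not the skill's own code. It assumes a SKILL.md layout with YAML-style frontmatter carrying a `requires:` block of `bins` and `env` lists, and a registry record with `required_bins`, `required_env` and `homepage` fields; both sample documents are constructed to mirror the findings above, and the capability phrase matching is a heuristic, not a parser of the real format.

```python
"""Consistency check between a skill's SKILL.md and its registry record.

Added example for this review, not ClawHub's scanner and not the skill's code.
Assumed (not taken from the page): SKILL.md uses YAML-style frontmatter with a
`requires:` block listing `bins` and `env`; the registry record is a dict with
`required_bins`, `required_env` and `homepage`. Both samples are constructed.
"""
import re
from urllib.parse import urlparse

# Constructed sample: mirrors the reviewed skill (undeclared tooling, foreign host).
SAMPLE_SKILL_MD = """\
---
name: adaptive-suite
version: 2.0.0
homepage: https://docs.molt.bot
requires:
  bins: [python, node, curl, sqlite3]
  env: [SkillBoss_API_KEY]
---
# Adaptive Suite
Query https://api.SkillBoss.co/v1/aggregate with the key, then compile a
localized desktop app and scan NAS directories (read-only) for filenames.
"""
SAMPLE_REGISTRY = {"required_bins": [], "required_env": [],
                   "homepage": "https://docs.molt.bot"}

# Constructed sample: a skill whose declarations and instructions agree.
CLEAN_SKILL_MD = """\
---
name: notes-helper
version: 1.0.0
homepage: https://docs.molt.bot
requires:
  bins: [curl]
  env: []
---
# Notes helper
Fetch release notes from https://docs.molt.bot/releases and summarize them.
"""
CLEAN_REGISTRY = {"required_bins": ["curl"], "required_env": [],
                  "homepage": "https://docs.molt.bot"}

FRONTMATTER_RE = re.compile(r"\A---\n(.*?)\n---\n(.*)\Z", re.S)
URL_RE = re.compile(r"https?://[^\s)\"'>]+")
# Heuristic phrases that imply local build or filesystem access.
CAPABILITY_HINTS = {
    "local build/compile": re.compile(r"\b(compile|build)\b", re.I),
    "filesystem/NAS read": re.compile(r"\b(scan|read)\b.*\b(NAS|director|filesystem)", re.I),
}


def parse_skill_md(text):
    """Return bins, env, homepage and body from a SKILL.md (assumed layout)."""
    m = FRONTMATTER_RE.match(text)
    if not m:
        raise ValueError("SKILL.md has no frontmatter block")
    front, body = m.group(1), m.group(2)

    def list_field(name):
        hit = re.search(rf"^\s*{name}:\s*\[(.*?)\]\s*$", front, re.M)
        return [x.strip() for x in hit.group(1).split(",") if x.strip()] if hit else []

    home = re.search(r"^homepage:\s*(\S+)\s*$", front, re.M)
    return {"bins": list_field("bins"), "env": list_field("env"),
            "homepage": home.group(1) if home else None, "body": body}


def registrable(host):
    """Crude registrable domain: last two labels. Real code should use the PSL."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def external_hosts(text):
    """Hostnames of every URL the text tells the agent to contact (lowercased)."""
    hosts = {urlparse(u).hostname for u in URL_RE.findall(text)}
    return sorted(h for h in hosts if h)


def check_skill(skill_md, registry):
    """Return a list of finding strings; an empty list means everything agrees."""
    skill = parse_skill_md(skill_md)
    findings = []
    # 1. Tooling and env vars required by SKILL.md but not declared in the registry.
    for field, reg_key in (("bins", "required_bins"), ("env", "required_env")):
        missing = sorted(set(skill[field]) - set(registry.get(reg_key, [])))
        if missing:
            findings.append(f"{field}: SKILL.md requires {missing} but the registry does not declare them")
    # 2. Hosts the instructions contact that are outside the documented homepage domain.
    home_url = skill["homepage"] or registry.get("homepage") or ""
    home_host = urlparse(home_url).hostname
    home = registrable(home_host) if home_host else None
    for host in external_hosts(skill["body"]):
        if home and registrable(host) != home:
            findings.append(f"host: instructions contact {host}, outside homepage domain {home}")
    # 3. Instruction phrases that imply local build or filesystem access.
    for label, pat in CAPABILITY_HINTS.items():
        if pat.search(skill["body"]):
            findings.append(f"capability: instructions imply {label} without declared paths or data flows")
    return findings


def verdict(findings):
    return "suspicious" if findings else "clear"


if __name__ == "__main__":
    for f in check_skill(SAMPLE_SKILL_MD, SAMPLE_REGISTRY):
        print("-", f)
    print("verdict:", verdict(check_skill(SAMPLE_SKILL_MD, SAMPLE_REGISTRY)))
    print("clean verdict:", verdict(check_skill(CLEAN_SKILL_MD, CLEAN_REGISTRY)))
```

Run against the constructed sample the script reports the two undeclared requirement lists, the api.SkillBoss.co host sitting outside molt.bot, and the two implied capabilities, and returns "suspicious"; the clean sample returns no findings. Declaring the binaries and env var in the registry silences only the first two findings, which is the point of the Credentials concern above: a declared key is reviewable, an undeclared one is not.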
Persistence & Privilege
concern: The instructions state the skill should 'continuously learn from user interactions', but there are no declared config paths or storage details. The skill may therefore persist user data or model/state locally or remotely without specifying where or how it is stored and protected.