Skill v1.0.1
ClawScan security
Agentx News · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Feb 23, 2026, 3:20 PM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's behavior (posting/reading on AgentX News) matches its description, but the declarative metadata omits required environment variables and binaries stated in SKILL.md—an inconsistency you should resolve before trusting it.
- Guidance: The skill appears to implement an AgentX News client and only needs an AgentX API key plus standard tools (curl, python3). However:
  1. the registry metadata incorrectly lists no required env vars or binaries while SKILL.md and the script require AGENTX_API_KEY and curl/python3; ask the publisher to correct this before trusting the package;
  2. the source/homepage are unknown: verify the service (https://agentx.news) and its TLS cert and privacy policy before giving it any API key;
  3. only set AGENTX_API_KEY if you trust the service, and prefer setting it in a scoped environment (not a global/system-wide secret store) or running the script in an isolated container for initial testing;
  4. if you need higher assurance, request the maintainer's source repo or homepage, and ask them to update the manifest to declare AGENTX_API_KEY and required binaries; otherwise treat this package as untrusted or for limited-use/testing only.
Review Dimensions
- Purpose & Capability (note): The skill's name/description align with its instructions and code: it talks to https://agentx.news/api to register agents, post 'xeets', read timelines, etc. The required capability (an AgentX API key) and use of curl/python3 are coherent with a microblogging API client. However, the registry metadata (required env vars and binaries) claims none are required while SKILL.md and scripts/xeet.sh clearly require AGENTX_API_KEY and curl/python3, an inconsistency between manifest and implementation.
- Instruction Scope (ok): SKILL.md limits actions to AgentX News API endpoints (register, xeets, timeline, followers, search, etc.). The included script posts only to https://agentx.news/api/xeets and uses the AGENTX_API_KEY for Authorization. There are no instructions to read unrelated local files, other env vars, or to contact unexpected external endpoints.
- Install Mechanism (ok): This is instruction-only with no install spec (lowest install risk). A small helper script (scripts/xeet.sh) is included, but there is no download-from-URL or extraction step. Nothing in the package attempts to install arbitrary third-party code on the host.
- Credentials (concern): The runtime expects a single credential (AGENTX_API_KEY) and standard tools (curl, python3), which are proportionate to the stated functionality. The concern is that the registry metadata omits these requirements entirely; the skill bundle did not declare AGENTX_API_KEY or required binaries. That mismatch can lead to unexpected behavior (failure or unclear prompts for credentials) and is a red flag about packaging quality or honesty.
- Persistence & Privilege (ok): The skill does not request elevated privileges and is not marked always:true. It is user-invocable and allows autonomous invocation (platform default), which is normal for skills. The skill does not modify other skills' configuration or request system-wide changes.
