Skill v1.0.3
ClawScan security
AnveVoice · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 22, 2026, 7:11 AM
- Verdict: Benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's requirements and runtime instructions generally match its stated purpose (adding a voice assistant to websites) and request only an API key, but there are minor metadata inconsistencies and the skill will transmit visitor voice and analytics to external endpoints — review privacy and key scopes before use.
- Guidance: This skill appears to be what it says — a SaaS voice widget — but review and confirm a few things before installing:
  - Verify the API key: create a key with the minimum scopes needed (avoid a single 'full_access' key). Use separate dev/staging/prod keys and rotate/revoke as needed.
  - Confirm the vendor: the package metadata is missing a homepage in the registry but the SKILL.md/README point to https://anvevoice.com — visit that site, confirm contact/support channels, and validate the developer identity before trusting keys.
  - Privacy & consent: embedding the widget will request microphone access and send voice recordings, transcripts, and page metadata to AnveVoice servers. Ensure you disclose this in your privacy policy and obtain user consent. If you handle regulated data (PHI), get a BAA before sending any protected information.
  - Endpoint verification: SECURITY.md lists a Supabase project and specific function endpoints. Treat these as the service endpoints; if you require on-prem or self-hosted options, confirm with the vendor.
  - Test with non-sensitive data first: deploy in a staging environment, validate retention/auto-delete settings, and monitor usage in the dashboard for unexpected activity.
  - Metadata inconsistency: the registry metadata omitted the required env var while SKILL.md requires ANVEVOICE_API_KEY. This is likely a packaging oversight but verify the key requirement before use.

  If you are comfortable after these checks, using the skill is coherent with its stated purpose. If any of the verification steps fail (vendor unreachable, unclear privacy guarantees, or you cannot limit key scope), treat installation as risky.
Review Dimensions
- Purpose & Capability (ok): The name/description (voice assistants for websites) align with the documented capabilities (embed widget, bot management, analytics, recordings). Declared MCP tools and endpoints (anvevoice.com, a Supabase functions domain) are consistent with a SaaS voice platform. One discrepancy: the registry summary at the top of the package claims no required env vars, whereas the SKILL.md metadata and SECURITY.md require ANVEVOICE_API_KEY (primaryEnv).
- Instruction Scope (note): SKILL.md instructs the agent to set ANVEVOICE_API_KEY and to call platform tools (create_bot, add_knowledge, get_embed_code, analytics). It also documents embedding an external script which asks for microphone permission and sends voice recordings/transcripts and page metadata to AnveVoice servers. That behavior is expected for this product, but it explicitly transmits potentially sensitive visitor data to external endpoints — the SKILL.md and SECURITY.md advise consent and legal protections, which is appropriate.
- Install Mechanism (ok): This is an instruction-only skill with no install specification and no code files included in the package, so nothing is downloaded or written by the skill itself. The README shows an example install command referencing a GitHub repo, but there is no install script in the skill bundle.
- Credentials (note): The skill asks for a single API credential (ANVEVOICE_API_KEY) which is proportionate to a SaaS control panel. However, there's an inconsistency between the registry metadata (which listed no required env vars) and the SKILL.md/SECURITY.md (which require the API key). No unrelated credentials or system paths are requested.
- Persistence & Privilege (ok): The skill does not request always:true and it does not declare any system-level persistence or modification of other skills. Autonomous invocation is allowed (platform default) and appropriate for a tool that manages bots and analytics.
