Skill v1.0.0
ClawScan security
Expanso text-summarize · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Feb 11, 2026, 9:43 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill appears to implement a simple local-text summarizer, but there are inconsistencies between the declared requirements/metadata and the runtime instructions (notably around the OPENAI_API_KEY and deployment), so you should review before installing.
- Guidance: What to check before installing:
  - Confirm the OPENAI_API_KEY requirement: the pipelines and README use OPENAI_API_KEY. If you don't want to use OpenAI, switch the pipeline to a local Ollama backend as documented.
  - Verify registry metadata accuracy: the skill should declare OPENAI_API_KEY if it's needed. Mismatched metadata is a warning sign.
  - Be aware MCP mode starts an HTTP server on 0.0.0.0:${PORT}. Only run it on a machine/network you control, and bind to localhost if you don't want external access.
  - The README suggests a 'deploy to Expanso Cloud' step. Deploying will send the pipeline YAML to that service; confirm you understand what will be uploaded and that you are comfortable doing so.
  - Install expanso-edge from a trusted source (the README suggests clawhub) and inspect the binary/tools you install.
  - If privacy is critical, prefer the Ollama/local backend option so no external LLM calls occur.

  If you proceed, test locally with non-sensitive text and monitor logs to confirm keys are not transmitted.
Review Dimensions
- Purpose & Capability
- concern: The skill's stated purpose (text summarization) matches the pipelines and files. However, the registry metadata claims no required environment variables while the pipelines and README clearly reference an OPENAI_API_KEY (unless using Ollama). That mismatch between declared requirements and actual runtime needs is an incoherence that should be resolved before trusting the skill.
- Instruction Scope
- note: The SKILL.md and pipeline YAMLs stay within the summarization scope: they read input, compute hashes for audit, call an LLM backend, format output, and log. Things to note: (1) MCP mode starts an HTTP server bound to 0.0.0.0:${PORT}, which exposes an endpoint that will accept text to summarize, so ensure you understand network exposure; (2) README and SKILL.md offer a 'deploy to Expanso Cloud' command that would send the pipeline to an external service (the pipeline YAML itself, not your API key), so be cautious about what you deploy.
- Install Mechanism
- ok: This is instruction-only (no install spec or code files to execute). It requires the expanso-edge binary to be present; the README suggests installing via `clawhub install expanso-edge`. No archives or remote downloads are embedded in the skill package itself.
- Credentials
- concern: The runtime expects OPENAI_API_KEY (and optionally PORT), and skill.yaml lists OPENAI_API_KEY as a credential (marked not required if using Ollama). But the registry metadata lists no required env vars, which is an inconsistency. Requesting an API key for the LLM backend is reasonable for this skill, but it should be declared consistently in the registry metadata and install/instructions. Also note: if you run in MCP mode, callers can send arbitrary text; the key remains local, but traffic to the model will consume your quota.
- Persistence & Privilege
- ok: The skill does not request permanent presence (always:false) and does not modify other skills or system configs. Running an MCP server binds a port (potential network exposure), but that is within the expected behavior for an HTTP-backed pipeline.
