ClawHub
Back to skill
v0.7.0

Authensor Gateway

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 5:20 AM.

Analysis

This appears to be a purpose-aligned Authensor policy gate, but it works by changing tool-call behavior and sending redacted action metadata to a configured control plane.

GuidanceThis skill looks coherent with its stated security-gateway purpose. Before installing, confirm it will be enabled in the sessions where you expect protection, verify the control-plane URL, use a dedicated API key, review policy and log-retention settings, and avoid embedding secrets in command lines, URLs, or tool arguments.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agent Goal Hijack
SeverityMediumConfidenceHighStatusNote
SKILL.md
**You MUST follow this protocol before executing any tool call.** No exceptions.

This is broad agent-behavior control. It is expected for a policy-gate skill, but it changes the normal sequence for all tool calls when the skill is active.

User impactTool calls may be delayed, require approval, or be blocked according to Authensor policy.
RecommendationUse it only when you intentionally want Authensor to mediate tool execution, and test the policy defaults before relying on it.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
SeverityLowConfidenceHighStatusNote
SKILL.md
requires:
  env:
    - CONTROL_PLANE_URL
    - AUTHENSOR_API_KEY

The skill requires an Authensor API key and control-plane URL. This is expected for the integration, but it is still delegated account access.

User impactA leaked or overly broad API key could expose or alter Authensor policy or audit data depending on the service's account controls.
RecommendationUse a dedicated least-privilege API key, store it securely, and rotate or revoke it if it may have been exposed.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
SeverityMediumConfidenceHighStatusNote
SKILL.md
Before sending the resource to the control plane, **strip any sensitive data** ... `Bash` ... `The full command string` ... `MCP tool calls` ... `The tool name and arguments`

The skill sends redacted action-resource metadata to a configured control plane. That is core to the gateway purpose, but the metadata can still include operationally sensitive paths, commands, URLs, and tool arguments.

User impactAuthensor or the configured control plane may see details about what tools are being used and what resources they target.
RecommendationVerify the CONTROL_PLANE_URL, review the service's privacy and retention terms, and avoid putting secrets directly in commands, URLs, or tool arguments.
Memory and Context Poisoning
SeverityLowConfidenceHighStatusNote
SKILL.md
Every action (allowed, denied, or pending) is logged with a receipt ID and timestamp.

The skill discloses persistent audit logging of action records. This is purpose-aligned for compliance, but users should understand what is retained.

User impactA history of tool actions may be stored outside the immediate chat session.
RecommendationReview audit-log retention, access controls, and deletion options before using it in sensitive environments.