Back to skill
Skillv1.0.1
ClawScan security
TheRoaster · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignFeb 11, 2026, 9:27 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's instructions and requirements are coherent with a roast-generator API: it just documents HTTP endpoints and an on‑chain purchase flow and does not ask for unrelated credentials or install code, but take care around wallet signing and API key storage.
- Guidance
- This skill is internally consistent for a roast-generator service. Before installing: 1) verify the domain (https://theroaster.app) and the on‑chain contract address if you plan to purchase plans; 2) never give the agent private wallet keys or an automated signer — treat any purchase flow as requiring explicit human confirmation; 3) if an api_key is issued, store it in your agent's secure secret store (the SKILL.md warns the key is shown only once); 4) confirm your agent’s policies prevent it from automatically signing or broadcasting transactions; and 5) if you need extra assurance, test only using the free tier first.
Review Dimensions
- Purpose & Capability
- okThe SKILL.md (and README) describe a roast-generation API and on-chain entitlement flow; everything requested (HTTP endpoints, contract address, pricing) matches that purpose. There are no unexpected env vars, binaries, or installs required by the skill.
- Instruction Scope
- noteInstructions are limited to calling the Roaster API, checking on-chain entitlements, building unsigned transactions, and obtaining API keys. The doc explicitly warns agents not to perform wallet functions without human confirmation. This is appropriate for the stated purpose, but the presence of ‘No UI required’ and transaction-building endpoints means an agent with wallet access could perform purchases if allowed — ensure human confirmation is enforced by policy.
- Install Mechanism
- okNo install spec and no code files are included (instruction-only). Nothing is written to disk or fetched during install by the skill itself, which minimizes install-time risk.
- Credentials
- okThe skill does not request any environment variables, keys, or system paths. The README notes the service uses the OpenAI API server-side, but the skill does not ask users to provide OpenAI credentials. No disproportionate credential requests are present.
- Persistence & Privilege
- notealways:false (normal). The skill can be invoked autonomously (platform default). Combined with endpoints that build unsigned transactions and the requirement to save API keys immediately, this raises a user-administration consideration: do not grant the agent access to any private wallet signing keys or automated signing capability. The skill itself does not request such keys.