Skill v1.0.0
ClawScan security
Exa · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 8, 2026, 9:39 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill is an instruction-only wrapper for the Maton Exa API and only asks for a single Maton API key; its requirements and instructions align with its described purpose.
- Guidance: This skill is internally consistent with its description, but before installing: ensure you trust maton.ai and are comfortable giving this skill a Maton API key (MATON_API_KEY). Use a dedicated or scoped key if possible, avoid sending highly sensitive secrets or data through the API, and be prepared to revoke the key if you stop using the skill. Verify Maton’s privacy/data-retention policy if you will send private content for research or extraction.
Review Dimensions
- Purpose & Capability: ok. Name/description state Exa API access for web search, content extraction, similarity, answers and async research. The SKILL.md only requires a MATON_API_KEY and demonstrates POST/GET calls to maton.ai gateway and control endpoints — these are coherent with the stated purpose.
- Instruction Scope: ok. Runtime instructions only show HTTP requests to https://gateway.maton.ai and https://ctrl.maton.ai and using the MATON_API_KEY Authorization header. The instructions do not ask the agent to read unrelated files, other environment variables, or system config, nor to send data to unexpected endpoints.
- Install Mechanism: ok. No install spec or code files are included (instruction-only). Nothing will be written to disk or downloaded during install, which is the lowest-risk model.
- Credentials: ok. Only a single environment variable (MATON_API_KEY) is required and that matches the API usage shown. No unrelated credentials, config paths, or broad secrets are requested.
- Persistence & Privilege: ok. Skill is not always-enabled, is user-invocable, and does not request persistent system privileges or modify other skills' configuration. Autonomous invocation is allowed (platform default) but not combined with other concerning privileges.
