Chaterimo
PassAudited by ClawScan on May 1, 2026.
Overview
This appears to be a legitimate Chaterimo integration, but it requires an API key that can read your chatbot and customer-service conversation data.
Before installing, confirm that the Chaterimo API key is read-only or otherwise appropriately scoped, and only use this skill in contexts where reading chatbot and customer-service conversation data is acceptable.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the key is over-scoped or exposed, someone could access chatbot and conversation data available to that key.
The skill requires a Chaterimo API key, which is expected for this integration but grants delegated access to the user’s Chaterimo account data.
requiredEnv:\n - name: CHATERIMO_API_KEY\n description: Your Chaterimo API key. Generate at https://www.chaterimo.com/account/api-keys/
Use a least-privilege, preferably read-only Chaterimo API key, store it securely as an environment variable, and revoke it when no longer needed.
The agent may display or reason over customer conversation content; that content should be treated as data, not as instructions to follow.
The skill brings customer conversation transcripts into the agent context. Even with claimed PII redaction, customer-authored messages are untrusted content and may include sensitive business context or prompt-like instructions.
Get full conversations with messages between customers and your AI chatbot. All personally identifiable information is automatically redacted.
Use the skill for intended support analysis only, avoid sharing outputs broadly, and ensure the agent treats transcript text as untrusted customer content.