Skill v1.0.0
ClawScan security
Api Cost Tracker · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict: Suspicious (Apr 30, 2026, 1:46 AM)
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's documentation and description claim live API/environment detection and API-based ingestion, but the delivered code appears to only parse local exports/files — this mismatch warrants caution before installation or before trusting it with secrets.
- Guidance: This skill appears to be a file-based cost analyzer and is mostly coherent, but its documentation overstates its capabilities (it promises API/environment ingestion and auto-detection via API keys, while the delivered code appears to only parse local exports). Before installing or running it: (1) inspect the entire script for any network calls or os.environ access — if it calls provider APIs it will need your API keys; (2) do not pass live files that contain secrets to the tool until you confirm whether it transmits data; (3) run it on a sample export with dummy data in an isolated environment first; (4) ask the author to clarify whether 'auto' mode uses environment API keys and, if so, which endpoints are called and how credentials are used and stored. If you need automatic fetching from providers, prefer a tool that explicitly documents its required env vars and shows the network calls in its code.
Review Dimensions
- Purpose & Capability (concern): The SKILL.md claims the tool can read usage from files, APIs, or the environment (auto-detecting providers from API keys). The code shown only implements file-based parsing and content-based auto-detection of provider formats (it inspects JSON/CSV contents). No HTTP/network libraries or provider API calls are present in the visible code. Required env vars are listed as none in the registry, yet the README mentions OPENAI_API_KEY, ANTHROPIC_API_KEY, OPENROUTER_API_KEY and others for auto-detection; that is inconsistent.
- Instruction Scope (note): Instructions and examples focus on analyzing local exports (billing CSV/JSON files) and a CLI 'auto' mode. The SKILL.md language about reading from the 'environment' or calling provider APIs is broader than what the code appears to do. The script reads files and normalizes entries; in the provided code it does not instruct the agent to read arbitrary system files or send data to external endpoints. If later parts of the script try to read env vars or call provider APIs, that is not shown and should be confirmed.
- Install Mechanism (ok): No install spec; this is an instruction-only skill with a Python script that claims no external dependencies (stdlib only). That matches the visible imports in the script (argparse, csv, json, os, sys, etc.). No external downloads or package installs are required.
- Credentials (note): Registry metadata lists no required environment variables or primary credential, which is proportionate for a file-based analyzer. However, the SKILL.md mentions auto-detection from API keys in environment variables — which would require access to secrets. Because the code shown does not visibly use network calls, the env-var claims appear optional/unspecified. Confirm whether the script actually reads os.environ for provider keys before trusting it with secrets.
- Persistence & Privilege (ok): The skill is not always-enabled, does not request elevated privileges, and does not include an install step that modifies system-wide settings. Autonomous invocation is allowed (the platform default) but is not combined with other high-risk requests here.
