Skill v1.0.0

ClawScan security

Slack Messaging · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign
Apr 27, 2026, 12:10 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's instructions, required environment variable, and actions match its Slack messaging purpose and are internally consistent.
Guidance
This instruction-only skill is coherent: it only needs a Slack token and shows explicit Slack API calls. Before installing, verify you will supply a token with the least privilege required (prefer a bot token scoped only to needed actions), avoid using a high-privilege user token unless necessary, rotate and store the token securely, and do not paste the token into chat. Note the skill source/homepage is missing — that doesn't change the technical assessment but means you can't easily audit or contact the author; prefer skills from known publishers or add a workspace-scoped token you can revoke quickly if you stop using the skill.

Review Dimensions

Purpose & Capability
ok
Name/description (send messages, manage channels, upload files, reactions) aligns with the single required env var SLACK_TOKEN and the Slack Web API endpoints used in SKILL.md.
Instruction Scope
ok
SKILL.md contains concrete curl calls to Slack API endpoints and only references SLACK_TOKEN for auth; it does not instruct reading unrelated files, scanning system state, or exfiltrating other credentials. Workflow examples (Sentry webhook integration, CI/CD) are suggestions and don't require additional secrets in the document.
Install Mechanism
ok
Instruction-only skill with no install spec or code files — nothing is downloaded or written to disk by the skill itself, which is the lowest-risk install profile.
Credentials
ok
Only SLACK_TOKEN is required and is appropriate for Slack API access. The SKILL.md explicitly distinguishes bot tokens (xoxb-) and user tokens (xoxp-), so the requested credential is justified by the described capabilities.
Persistence & Privilege
ok
The skill does not request always:true and does not instruct modifying other skills or system-wide configuration. Autonomous invocation is allowed by the platform default but is not elevated by this skill.