Skill v1.2.1

ClawScan security

Fluora Setup · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 12, 2026, 10:37 PM
Verdict
benign
Confidence
medium
Model
gpt-5-mini
Summary
The skill's requirements and actions match its stated purpose (clone/build fluora-mcp, generate a wallet, configure mcporter), but it runs and installs third‑party code from GitHub and writes a local private key and mcporter config — these are expected for this task but carry security risk and deserve careful review.
Guidance
This skill is internally coherent for its stated purpose, but it will clone and run code from a GitHub repo and perform npm install/build on your machine, then create a wallet (private key stored in ~/.fluora/wallets.json) and add an mcporter entry that runs the local build. Before running it:
1) review the fluora-mcp repository source (especially build/index.js and any install scripts) to ensure you trust it;
2) consider running the setup in an isolated environment or container;
3) inspect the generated ~/.fluora/wallets.json and back up the private key securely (and never expose it);
4) only fund the wallet with a small test amount first;
5) be aware the mcporter config will cause the built code to be executed later by mcporter; remove or audit that config if you no longer trust the code.
If you are not comfortable auditing the repo, do not run the script or fund the wallet.

Review Dimensions

Purpose & Capability
ok
Name/description align with what the code and SKILL.md do: clone the fluora-mcp GitHub repo, npm install & build, generate a wallet file (~/.fluora/wallets.json), and write mcporter config pointing to the local build. Required binaries (node, npm, git) are appropriate and no unrelated credentials are requested.
Instruction Scope
note
SKILL.md and setup.js keep scope to onboarding tasks, but they explicitly run code from the cloned repository (npm install, npm run build, and executing build/index.js briefly to generate a wallet). That is logically consistent with the purpose but means the agent (and user) will execute third‑party code which could do anything not otherwise mentioned in the instructions.
Install Mechanism
note
There is no formal install spec; the runtime script performs git clone from GitHub and runs npm install/build. Cloning an official GitHub repo is common and reasonable, but running npm install and executing the resulting code increases risk compared with an instruction-only skill because arbitrary dependencies and code from the repo will be executed locally.
Credentials
ok
The skill requests no environment variables or external credentials. It creates and reads local files (wallet and mcporter config) which are necessary for its function. However, because it runs repo code, that code could potentially read environment variables or other local files at runtime — this is a behavioral risk rather than a requested credential mismatch.
Persistence & Privilege
note
The skill writes persistent files: ~/.fluora/wallets.json and an mcporter config in the workspace or ~/.mcporter. This is expected for setup. Important: the mcporter config points mcporter to run the local built index.js, meaning the cloned code may be executed later by mcporter; this persistence increases the attack surface if the repository or build is not trusted.