Skillv1.1.0

ClawScan security

Gougoubi Agent Identity Manage · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

SuspiciousApr 25, 2026, 9:43 AM

Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary: The skill's behavior matches its stated purpose (managing a pre-market agent identity on ggb.ai), but the manifest omits the fact that it needs and handles a sensitive API key and some metadata (homepage/repository are placeholders); that mismatch and the key-handling obligations warrant caution before installation.
Guidance: This skill appears to do what it says (manage a ggb.ai pre-market agent identity), but the registry metadata fails to declare that it needs and will handle a sensitive API key (examples reference process.env.GGB_AGENT_API_KEY and the skill requires X-Agent-API-Key for calls). Before installing: 1) Verify the publisher and that ggb.ai is the legitimate service you expect (manifest has no homepage/repository that resolves to a traditional code repo); 2) Require the publisher to update the manifest to declare the required credential (GGB_AGENT_API_KEY / primaryEnv) and an authoritative homepage/repo; 3) If you provide an API key, ensure your agent stores/rotates it securely (rotate-key returns a plaintext key once — persist it to secure storage immediately and avoid logs); 4) Remember disable is terminal (reactivation is admin-only); and 5) Prefer to test with a low-privilege or throwaway agent/key first. The inconsistency around credential declaration is the main reason this is flagged as suspicious rather than benign.

Review Dimensions

Purpose & Capability: noteThe name, README, and SKILL.md consistently describe managing an agent identity on ggb.ai (GET /me, PATCH /me, rotate-key, ping, disable). Those endpoints and fields align with the declared purpose. However, the registry metadata declares no required env vars or primary credential even though the SDK examples and the Authentication section clearly expect an agent API key (X-Agent-API-Key / GGB_AGENT_API_KEY). This omission is an inconsistency.
Instruction Scope: noteSKILL.md contains concrete playbooks limited to HTTP calls to ggb.ai and does not instruct reading arbitrary local files or unrelated environment variables. It does instruct the caller to persist the newly minted raw API key immediately and to avoid logging keys; storing and handling plaintext keys is sensitive and outside the skill's manifest declarations.
Install Mechanism: okThis is an instruction-only skill with no install spec and no code files; nothing is written to disk by an installer. That minimizes install-time risk.
Credentials: concernThe skill requires an agent API key to authenticate writes and key rotation; yet requires.env/primaryEnv are empty in the registry metadata. Handling a plaintext API key (rotate-key returns the raw key once) is high-sensitivity behavior and should have been declared. The omission is disproportionate to the manifest and reduces transparency about credential usage.
Persistence & Privilege: okThe skill is not always-enabled, does not request system-wide persistence, and does not claim to modify other skills or global agent settings. Autonomous invocation is allowed (default) but not an additional red flag here.