Skill v1.2.0
ClawScan security
Paragraph Test · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Review · Mar 10, 2026, 3:09 AM
- Verdict: Review
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill appears to implement a Paragraph.com API integration and mostly matches its stated purpose, but there are metadata inconsistencies and a few scope/operational details you should verify before installing.
- Guidance: What to check before installing:
  - Confirm environment variables: despite the registry summary saying "none," the skill and code require PARAGRAPH_API_KEY and PARAGRAPH_PUBLICATION_SLUG. Do not provide keys unless you intend the agent to act on your Paragraph account.
  - Review example prompts: the README suggests the agent may read local files (markdown, CSV) and upload their contents. If you don't want agents to access local files, avoid giving permission or remove those example flows.
  - Source & provenance: the listing's "Source: unknown" / "Homepage: none" is concerning. SKILL.md points to a GitHub URL; inspect that repo and the full skill.js yourself to ensure there are no hidden endpoints or telemetry beyond the Paragraph API.
  - Metadata mismatch: ask the publisher to fix the registry metadata so required env vars are visible in the listing. That helps automated audits and prevents accidental leaks.
  - If you proceed, give the skill the minimum privileges (use a Paragraph API key with limited scope if possible) and consider using an API key that can be revoked quickly.

  If you want, I can extract and summarize the code paths that send data to the network (endpoints called, which parameters are transmitted) or point out the exact lines where env vars are read so you can review them.
Review Dimensions
- Purpose & Capability (note): The name/description (Paragraph blogging integration) align with the code and tools provided: the skill calls Paragraph REST endpoints for posts, publications, subscribers, coins, etc. However, the registry metadata at the top of the report claims "Required env vars: none" while the SKILL.md and code clearly require PARAGRAPH_API_KEY and PARAGRAPH_PUBLICATION_SLUG (and optionally PARAGRAPH_PUBLICATION_ID / PARAGRAPH_API_BASE_URL). This metadata mismatch is inconsistent and should be corrected before trusting the listing.
- Instruction Scope (note): SKILL.md and the code keep runtime behavior scoped to Paragraph's API and only read Paragraph-related env vars. However, the README/agent prompt examples include directions like "markdown content from memory/2026-03-10.md" and "Add all subscribers from /path/to/subscribers.csv" — these example prompts instruct an agent to read local files and pass their contents into the skill for import. The skill supports importing CSV bytes, so that behavior is technically supported, but it means an agent with this skill could be asked to read local files or other user data and transmit them to the Paragraph API. Verify you want agents to have that capability.
- Install Mechanism (ok): There is no install spec (instruction-only at registry level), and the implementation uses native fetch with zero external dependencies. No remote downloads or extract operations are present. The presence of code files (skill.js, test.js) is expected for an instruction-backed skill; nothing in the package.json or lockfile pulls external packages.
- Credentials (concern): The skill requires PARAGRAPH_API_KEY and PARAGRAPH_PUBLICATION_SLUG (and optionally PARAGRAPH_PUBLICATION_ID / PARAGRAPH_API_BASE_URL), which are proportionate for a Paragraph API integration. The concern is that the registry metadata contradicts this (it claims no required env vars), which could mislead users or automated installers. No unrelated credentials or extra secrets are requested.
- Persistence & Privilege (ok): The skill does not request always:true, does not modify other skills, and does not require system-level config paths. It reads environment variables at runtime (standard for API clients). Autonomous invocation is allowed by default but is not combined with other high-risk factors here.
