ClawHub
Back to skill
v0.1.0

ScopeGate Client

BenignClawScan verdict for this skill. Analyzed May 2, 2026, 8:12 PM.

Analysis

This instruction-only skill is coherent as a safety gate, but it relies on an external ScopeGate service that will receive authorization-check details and an API key.

GuidanceInstall this skill if you trust ScopeGate to broker authorization for consequential actions. Before using it, confirm the endpoint, understand who can issue grant IDs, secure the API key, and avoid including unnecessary sensitive details in the requested_action field.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agent Goal Hijack
SeverityLowConfidenceHighStatusNote
SKILL.md
Before executing any consequential action, you MUST verify scope with ScopeGate. ... If ScopeGate is unreachable → STOP. Treat as denied. Never fail open.

The skill intentionally imposes a mandatory external authorization check and changes the agent's stopping condition for important actions.

User impactThe agent may refuse or delay otherwise valid work if ScopeGate denies the request or is unavailable.
RecommendationUse this only if you want ScopeGate to act as a fail-closed authorization gate, and make sure users understand how grants are issued and recovered from outages.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
SeverityLowConfidenceHighStatusNote
SKILL.md
"api_key": "<your api key>" ... Getting an API Key ... Sign up at https://scopegate.ai to get your API key.

The skill expects a ScopeGate API key for verification calls, which is purpose-aligned but still sensitive credential handling.

User impactIf the API key is exposed, someone may be able to misuse the user's ScopeGate account or authorization workflow.
RecommendationStore the API key securely, avoid pasting it into logs or shared prompts, rotate it if exposed, and prefer least-privilege provider settings if available.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
SeverityMediumConfidenceHighStatusNote
SKILL.md
Default: `https://api.scopegate.ai` ... Override: set `SCOPEGATE_URL` environment variable ... "requested_action": "<action you are about to take>"

The agent is instructed to send action descriptions, grant IDs, agent IDs, and an API key to an external provider endpoint; the endpoint can also be redirected by an environment variable.

User impactScopeGate may see metadata about consequential actions the agent is about to take, and a misconfigured endpoint could send that information to the wrong service.
RecommendationVerify the ScopeGate endpoint, protect or unset SCOPEGATE_URL in untrusted environments, and keep requested_action descriptions as specific as needed but not unnecessarily sensitive.