PagerDuty Agent
Advisory
Audited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If PAGERDUTY_BASE_URL is set accidentally or maliciously, the PagerDuty API key could be sent to a non-PagerDuty server or over an unencrypted connection.
The PagerDuty API key is attached to every request, while the destination host is controlled by PAGERDUTY_BASE_URL and may use HTTP rather than HTTPS.
const BASE_URL = process.env.PAGERDUTY_BASE_URL || "https://api.pagerduty.com"; ... "Authorization": `Token token=${API_KEY}` ... const transport = url.protocol === "https:" ? https : http;
Do not set PAGERDUTY_BASE_URL unless you fully trust it. The skill should restrict this to HTTPS and expected PagerDuty hosts, or clearly document and validate any custom endpoint.
An agent using this skill can make live operational changes, such as creating incidents or marking them resolved.
The skill explicitly supports PagerDuty write operations that can create or change incident state.
Trigger, acknowledge, and resolve PagerDuty incidents ... export PAGERDUTY_FROM_EMAIL="you@yourcompany.com" # required for write operations
Use explicit user confirmation for write operations and prefer the least-privileged PagerDuty API key that supports the tasks you need.
