Skill v1.1.0

ClawScan security

NEXUS Cron Builder · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 9, 2026, 5:09 PM

Verdict: benign
Confidence: high
Model: gpt-5-mini

Summary
The skill is an instruction-only client for a paid external cron-expression API; its requirements and runtime instructions are consistent with that purpose (network access plus a payment-proof environment variable).

Guidance
This skill is an API client that sends your input to https://ai-service-hub-15.emergent.host and expects a payment proof credential. Before installing: (1) Confirm you trust the NEXUS service and review its privacy/terms; your prompts will be transmitted off-host. (2) Treat NEXUS_PAYMENT_PROOF as sensitive — do not put private keys there. (3) Use the provided sandbox_test value for trial invocations. (4) If you do not want any payments or remote processing, do not install. If you need more assurance, request the skill author/source and documentation for the payment credential format and the service's data-retention policy.

Review Dimensions

Purpose & Capability
ok: The name/description claim (generate/explain cron expressions) matches the SKILL.md: the skill is purely an API client that sends user input to a remote NEXUS service. Requiring a payment proof credential (NEXUS_PAYMENT_PROOF) is coherent with the documented paid API flows (legacy X-Payment-Proof header and other payment standards). No unrelated capabilities (e.g., cloud credentials, git, or system-level access) are requested.
Instruction Scope
ok: Runtime instructions only describe calling the external endpoint, following the stated payment flows (x402 / MPP / legacy header), and parsing responses. The SKILL.md explicitly disallows filesystem/shell access and only requires network. It does send user input to a third party (the NEXUS host), which is expected for this kind of API client and is the main privacy surface to consider.
Install Mechanism
ok: This is an instruction-only skill with no install spec and no code files — lowest installation risk. Nothing is downloaded or written to disk by the skill itself.
Credentials
note: The skill requires a single environment variable named NEXUS_PAYMENT_PROOF (declared as primaryEnv). That is proportionate to the documented legacy payment header usage. However, this env var likely contains a payment credential/proof and should be treated as sensitive: only set it if you trust the remote service and understand what value is stored there (use sandbox_test for testing). No unrelated secrets or multiple credentials are requested.
Persistence & Privilege
ok: The skill does not request 'always' presence, does not modify other skills or system settings, and declares no config paths. Autonomous invocation is allowed by default but is not combined with any excessive privileges.