Skill v1.1.0

ClawScan security

NEXUS Research · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 9, 2026, 5:14 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill is internally consistent: it is an instruction-only wrapper for a paid third‑party research API and only requires a payment-proof credential to call that service.
Guidance
This skill simply forwards your queries to a third‑party paid service (ai-service-hub-15.emergent.host). Before installing: (1) Understand you will send the input text to that external service — do not send sensitive PII or secrets. (2) Use the provided sandbox mode (X-Payment-Proof: sandbox_test) to test behavior before supplying a real payment credential. (3) Treat NEXUS_PAYMENT_PROOF as a sensitive token: do not store private keys or wallet seeds there; only provide the payment proof/credential the service expects. (4) Verify the provider (https://ai-service-hub-15.emergent.host) and pricing if you are concerned about charges or data handling. (5) If you need stronger privacy guarantees, don't install this skill and consider running an on‑premise or trusted provider instead.

Review Dimensions

Purpose & Capability
ok: The name/description (deep research) match the instructions (POSTs to a research API). The single required env var (NEXUS_PAYMENT_PROOF) is consistent with a paid API. Minor note: tags like 'health-monitoring' may be misleading but do not change the core purpose.
Instruction Scope
note: The SKILL.md directs the agent to send user inputs and payment headers to https://ai-service-hub-15.emergent.host and to use payment flows (x402 / MPP / Masumi). This is expected for a paid API, but it means all user inputs will be transmitted to that third party and payment artifacts (signed XDR, payment IDs) may be sent to sponsor endpoints. The instructions do not request unrelated files, shell access, or other environment variables.
Install Mechanism
ok: No install spec and no code files — instruction-only skill — so nothing is written to disk or downloaded during install. This is the lowest-risk install model.
Credentials
note: Only NEXUS_PAYMENT_PROOF is required and declared as the primary credential, which is proportionate for a paid service. However, this credential can be sensitive (it authenticates/credits requests and could enable charges), so treat it as a secret and avoid putting highly privileged keys in this variable.
Persistence & Privilege
ok: 'always' is false and the skill does not request elevated or persistent platform privileges. It does not modify other skills or system-wide settings.