Skillv0.1.0

ClawScan security

AI Code Reviewer · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

ReviewMar 13, 2026, 8:46 PM

Verdict: Review
Confidence: medium
Model: gpt-5-mini
Summary: The skill's documentation claims a full-featured AI code-reviewer and references using an OpenRouter API key and GitHub token, but the published package contains no code or declared required credentials — this mismatch and missing runtime detail is concerning.
Guidance: This skill is instruction-only and declares no required credentials in the registry, but its SKILL.md/README clearly expects an OpenRouter API key and (optionally) a GitHub token and describes integrations (CLI, GitHub Action, VS Code) that are not included. Before installing or supplying secrets: 1) Ask the publisher to clarify runtime behavior — where is your code sent, which endpoints are used, and whether any code is stored? 2) Prefer short-lived, least-privilege tokens (scoped GitHub token) and test with non-sensitive code first. 3) Verify the skill's implementation (source code or official connector) if you require on-prem/privacy guarantees. 4) If you enable automatic PR creation, ensure the token scope is limited and audit any created PRs. Additional information that would raise confidence: an explicit runtime implementation, a declared primary credential in metadata matching SKILL.md, and a privacy/security statement or audited connector proving code is not retained.

Review Dimensions

Purpose & Capability: concernThe name/description (AI Code Reviewer) matches the SKILL.md features (analysis, PR and test generation). However the skill bundle contains no code, no install, and the registry metadata declares no required environment variables or primary credential while the SKILL.md explicitly references OPENROUTER_API_KEY and optional GITHUB_TOKEN. The README also advertises CLI, GitHub Action, and VS Code extension integrations that are not present in the package. These omissions/inconsistencies make it unclear how the claimed capabilities would be implemented at runtime.
Instruction Scope: noteThe SKILL.md instructions stay within the stated purpose (analyze code, produce reports/PR descriptions/tests). They instruct using OpenRouter and optionally a GitHub token for automatic PRs — which is coherent with the purpose. However the doc asserts privacy (code not stored) without technical detail or guarantees, and shows integrations that imply uploading code to external services. The instructions do not instruct the agent to inspect unrelated local files, but they do depend on external model/API calls that will transmit code to those endpoints.
Install Mechanism: okThere is no install spec and no code files — instruction-only. That minimizes on-disk risk, but also means functionality depends entirely on runtime model/API calls and on the agent environment declared elsewhere.
Credentials: concernThe SKILL.md expects an OpenRouter API key and (optionally) a GitHub token — both reasonable for this skill. But the package metadata lists no required env vars or primary credential. The mismatch (docs asking for secrets while registry declares none) is a red flag: it is unclear what credentials the agent will actually request or require at runtime, and where the provided code will be sent. Users should not hand over long-lived, high-privilege tokens without clarity.
Persistence & Privilege: okalways is false, no install, and no config paths requested. The skill does not request elevated or persistent system privileges in the bundle itself.