Parcel Tracking

Audited by ClawScan on May 10, 2026.

Overview

Prompt-injection indicators were detected in the submitted artifacts (unicode-control-chars); human review is required before treating this skill as clean.

Install only if you trust this package source and Track123. Provide a scoped or revocable TRACK123_API_SECRET if possible, leave TRACK123_API_BASE at the official endpoint unless you intentionally use a trusted alternative, and remember that tracking numbers and optional postal codes are sent to Track123. ClawScan detected prompt-injection indicators (unicode-control-chars), so this skill requires review even though the model response was benign.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The skill will act under the user's Track123 API account or quota when it looks up parcels.

Why it was flagged

The skill uses a Track123 API secret from the environment as the provider authentication header. This is expected for the stated Track123 integration, but it is still a credential boundary users should notice.

Skill content

secret = os.getenv("TRACK123_API_SECRET") ... "Track123-Api-Secret": get_api_secret()

Recommendation

Use a scoped or easily revocable Track123 API secret if available, keep it private, and avoid setting TRACK123_API_BASE to an untrusted endpoint.

What this means

Parcel identifiers and optional postal codes are shared with Track123 to retrieve tracking information.

Why it was flagged

The skill sends the user-provided tracking number and optional postal code to the Track123 API. This is purpose-aligned, but it is an external data flow involving delivery information.

Skill content

payload = {"trackNos": [tracking_number], ...}; if postal_code: payload["postalCode"] = postal_code ... requests.post(url, headers=api_headers(), json=payload)

Recommendation

Only use the skill for tracking numbers and postal codes you are comfortable sending to Track123, and review Track123's privacy practices if the data is sensitive.

What this means

There is more bundled third-party code than the visible parcel-tracking script needs, making the package harder to audit.

Why it was flagged

The package includes a full Python virtual environment and package-manager libraries for a small tracking helper. No artifact shows those extra files being automatically executed, but the packaging increases provenance and review surface.

Skill content

503 file(s): SKILL.md, requirements.txt, track.py, venv/lib/python3.14/site-packages/pip/..., venv/lib/python3.14/site-packages/requests/...

Recommendation

Prefer a lean package with declared dependencies, pinned versions or hashes, and registry metadata that accurately declares python3, requests, and TRACK123_API_SECRET.