Skill v1.0.0
ClawScan security
Environment Secrets Rotator · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 13, 2026, 2:01 PM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: Tool mostly does what it says (rotate .env secrets and emit Vault CLI commands), but the implementation persistently stores plaintext rotated secrets (history file in the user home) and the SKILL.md/behavior mismatch about 'optional' history raises a privacy/persistence concern you should review before use.
- Guidance: This skill appears to perform local .env secret rotation as advertised, but it will create backups and — importantly — record rotation history in a file under your home directory (~/.env-rotation-history.json). That history may contain plaintext secret values and appears to be recorded on every non-dry-run rotation. Before installing or running on production secrets: (1) review the script's _record_history implementation and confirm whether and how secrets are stored; (2) run with --dry-run and test files first; (3) if you must use it, restrict the history file and backups to tight permissions (e.g., chmod 600) or disable history if possible; (4) prefer using a real secrets manager for production rotations; (5) if you need assurance the history is not stored, search the code for any calls that write to ~/.env-rotation-history.json or similar and remove or modify them. I have medium confidence because part of the source was truncated (so I could not fully inspect the history-writing routine), but the visible code calls _record_history unguarded, which is why this is suspicious.
Review Dimensions
- Purpose & Capability (ok): Name/description align with code and instructions: the script rotates keys in .env files, generates Vault CLI commands, supports algorithms, backups, dry-run, validation and batch operations. No unrelated network or cloud credentials are requested.
- Instruction Scope (concern): SKILL.md instructs only local .env manipulation and Vault command generation, which matches most of the code; however, the runtime instructions do not clearly call out that rotations will be recorded persistently to a history file in the user's home directory. The code calls self._record_history(...) on every non-dry-run rotation, which could store sensitive values unless explicitly disabled — this is broader persistence than the SKILL.md emphasizes.
- Install Mechanism (ok): No install script or network downloads are used; the skill is instruction-only with an included Python script that requires only python3 and standard library modules. Nothing in the install surface is surprising.
- Credentials (concern): The skill requests no environment variables or external credentials (proportional), but it writes a history file to the user's home (~/.env-rotation-history.json) and creates backups next to edited files. Persisting plaintext rotated secrets in the home directory/backups is a sensitive capability not adequately highlighted in the description; this raises privacy risk if left enabled by default.
- Persistence & Privilege (concern): The skill creates backups in the target directory and a history file in the user's home directory. Although it does not modify other skills or system-wide settings, the persistent storage of secret values (and the location in the home directory) is an elevated persistence footprint that should be disclosed and controllable.
