Skill v1.0.1
ClawScan security
EngageLab SMS · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 27, 2026, 6:22 AM
- Verdict
- suspicious
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The skill's functionality matches an SMS API client, but it fails to declare or request the required credentials in its metadata (even though SKILL.md and the code clearly need them), which is an incoherence you should resolve before trusting it.
- Guidance
- This skill appears to implement a legitimate EngageLab SMS client, but the registry metadata does not declare the dev_key/dev_secret that the code and SKILL.md require. Before installing or using it: (1) Verify the publisher/source and confirm why credential fields are missing from the registry entry. (2) Do not paste production API keys into an unknown skill; prefer creating a limited test API key with minimal permissions to try the skill. (3) Confirm the endpoint domain (smsapi.engagelab.com) is correct and owned by the service you expect. (4) Ensure the platform will store any keys securely (agent secret storage) rather than embedding them in logs or prompts. (5) If you need stronger assurance, request that the publisher update the package metadata to declare required credentials (primaryEnv or requires.env) and/or provide reproducible provenance (homepage, author) so you can audit or run the included Python client in an isolated environment first. If the publisher cannot explain the missing credential declarations, treat the package with caution.
Review Dimensions
- Purpose & Capability
- note: The name/description, SKILL.md, and the provided Python client all consistently implement EngageLab SMS send/template/signature functionality and call https://smsapi.engagelab.com — the requested capabilities align with the stated purpose. However, the skill metadata lists no required credentials or primaryEnv while both the documentation and the code expect a dev_key/dev_secret. That mismatch is unexpected.
- Instruction Scope
- ok: SKILL.md limits runtime actions to constructing HTTP requests to the EngageLab API and instructs the agent to ask the user for dev_key/dev_secret if not present. It does not instruct reading arbitrary system files or contacting unrelated endpoints. The runtime instructions are scoped to the service described.
- Install Mechanism
- ok: There is no install spec (instruction-only plus a single Python client file). No downloads from external or shortener URLs are present. The code depends on the requests library, but nothing is automatically installed by the skill spec itself.
- Credentials
- concern: The skill requires API credentials (dev_key and dev_secret) to operate, and the code/doc describe using HTTP Basic Auth with those keys — this is proportionate to an SMS API client. The problem is that the package metadata declares no required env vars or primary credential. Missing declarations mean the registry-level permission/credential model is incomplete and could lead to accidental credential exposure or unclear handling by the agent platform.
- Persistence & Privilege
- ok: The skill does not request persistent presence (always:false) and does not appear to modify other skills or system-wide agent configuration. It only contains a client library and documentation.
