Skill v1.0.1

ClawScan security

EngageLab Web Push · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 27, 2026, 6:23 AM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill is a focused client for the EngageLab Web Push REST API and its files and instructions are consistent with that purpose; the main issue is a minor transparency gap around where credentials come from.
Guidance
This skill appears to be a straightforward client for EngageLab Web Push. Before installing: (1) be prepared to provide your AppKey and Master Secret (these are sensitive — treat them like passwords and do not paste them into untrusted public chats); (2) note that the registry metadata does not declare those credentials, so the agent will prompt you at runtime — confirm you understand where and how you'll supply them; (3) the included Python client uses the requests library, so your environment must have Python and requests available if the skill code is executed; (4) if you plan to use callbacks, implement the echostr validation and (optionally) HMAC-SHA256 signature verification on your server as documented; and (5) if you have a policy against agents making network calls with long-lived credentials, avoid granting the skill direct access to those secrets or rotate credentials after use.

Review Dimensions

Purpose & Capability
ok · The name/description describe sending web push and managing tags/aliases/schedules, and the included Python client and reference docs implement exactly those operations (push, batch, group push, device/tag APIs, schedules, statistics, callback guidance). No unrelated capabilities or unexpected system access are present.
Instruction Scope
ok · SKILL.md and the Python client confine actions to calling the EngageLab Web Push REST endpoints and to providing guidance for callback verification. The instructions do not direct the agent to read arbitrary local files or other credentials, or to send data to third-party endpoints outside EngageLab. The skill will prompt for AppKey and Master Secret if not provided, which is appropriate for an API client.
Install Mechanism
ok · There is no install spec (instruction-only) and the Python client is included as a simple wrapper that uses the requests library; nothing is downloaded from external arbitrary URLs and no archive extraction or elevated installation is performed.
Credentials
note · The API uses HTTP Basic Auth (AppKey and Master Secret), which is appropriate and proportionate. However, the registry metadata lists no required environment variables or primary credential; the SKILL.md expects the agent to ask the user for AppKey/Master Secret at runtime. This is a transparency omission (credentials are required in practice but not declared in metadata). The skill does not request any other unrelated secrets.
Persistence & Privilege
ok · The skill is not set to always: true and does not request system-wide configuration changes or persistent privileges. It also does not modify other skills' configs. Autonomous invocation is allowed, but that is the platform default and is not combined with other high-risk indicators here.