Skill v1.0.0
ClawScan security
multi-account-config · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 7, 2026, 8:52 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's instructions, scope, and requested inputs align with its stated purpose of adding/configuring messaging accounts; it is an instruction-only skill that does not request unrelated credentials or install software.
- Guidance: This skill is coherent with its purpose: it will guide you to provide platform-specific tokens (bot tokens, phone number, etc.) and then use gateway config.get/patch to add accounts. Before using it: (1) never paste tokens into public chat—provide them via a secure prompt or secrets mechanism; (2) ensure the agent or user performing gateway.config.patch has the correct permissions and that you have a backup of your current config; (3) verify who can read the gateway configuration after tokens are stored (tokens in config may be accessible to other admins/services); (4) test changes in a staging environment if possible and restart the gateway per your normal operational procedures. The skill does not install software or request unrelated credentials.
Review Dimensions
- Purpose & Capability: ok. Name/description (multi-account configuration for messaging platforms) matches the actions described in SKILL.md: collecting platform-specific tokens/IDs and calling gateway config.get and gateway config.patch to update channel/account configuration.
- Instruction Scope: ok. Instructions stay within the stated purpose: they ask the user for platform-specific credentials, retrieve existing gateway config, merge new account entries, patch the gateway config, and verify. The doc explicitly warns not to log tokens. The only potentially sensitive action—using the current user's sender ID—is reasonable for populating allowFrom and is consistent with configuring accounts.
- Install Mechanism: ok. No install spec or code files are present; the skill is instruction-only and does not download or write code to disk, which minimizes install risk.
- Credentials: ok. The skill does not request environment variables or external credentials beyond the platform tokens/IDs the user must supply interactively. Those tokens are proportionate to the task of adding bots/accounts.
- Persistence & Privilege: ok. always is false and the skill does not request persistent system privileges or attempt to modify other skills or system-wide settings. It instructs using the gateway config APIs only, which is appropriate for the intended configuration task.
