Skill v1.1.1

ClawScan security

TickTick CLI (ttg) · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Mar 9, 2026, 9:44 AM
Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary
The skill is broadly consistent with a TickTick CLI helper, but there are notable metadata/instruction mismatches (undeclared install steps and undeclared credentials/config path) that you should review before installing or running any automated install.
Guidance
This skill appears to be a legitimate wrapper around the public ticktick-go CLI, but there are two red flags to consider before installing or running any automated install: (1) SKILL.md includes a git clone && make install script (which will execute code from the remote repo on your machine) even though the registry metadata lists no install spec — verify and prefer to install ttg yourself manually after inspecting the repo and Makefile; (2) the skill asks you to create ~/.config/ttg/config.json with client_id and client_secret but the skill metadata does not declare these credentials or config paths — treat those values as sensitive, keep them local, and don't paste them into any remote UI you don't trust. Actionable steps: review the GitHub repository and Makefile for the install steps you would run; manually run ttg auth/login in your browser (instead of an automated install) to obtain tokens; only install or grant credentials if you trust the upstream repo and the skill author, and ask the publisher to correct the metadata so required credentials/config paths are declared explicitly.

Review Dimensions

Purpose & Capability
note: The skill's name/description (TickTick CLI via the ttg tool) matches the runtime instructions, which call the ttg binary and demonstrate task operations. However, SKILL.md instructs the user to create ~/.config/ttg/config.json containing client_id/client_secret (secrets needed for TickTick access), yet the skill metadata declares no required env vars or config paths; this mismatch should be clarified.
Instruction Scope
concern: SKILL.md stays focused on ttg usage, but it explicitly references a user config file path (~/.config/ttg/config.json) and an OAuth login flow. Those file/credential requirements are not declared in the skill metadata. Also, the embedded install script (in the SKILL.md frontmatter) instructs cloning and building code; that grants the installer discretion to run arbitrary build steps from the repo.
Install Mechanism
concern: The registry metadata states 'no install spec', but the SKILL.md frontmatter contains an install entry that runs: git clone https://github.com/dhruvkelawala/ticktick-go /tmp/ttg-install && cd /tmp/ttg-install && make install && rm -rf /tmp/ttg-install. Cloning and make install will execute code from the remote repo on your machine. The repo is a public GitHub project (expected source), but the presence of an install script in SKILL.md (contradicting registry metadata) is an inconsistency and a potential execution risk if automated.
Credentials
concern: The skill metadata lists no required environment variables or config paths, yet the instructions require creating ~/.config/ttg/config.json containing the TickTick client_id and client_secret. Those are sensitive credentials (client secret) and should be declared by the skill. The absence of declared credential requirements is disproportionate and should be corrected.
Persistence & Privilege
ok: Privilege flags are normal: always=false, user-invocable=true, and model invocation allowed. The skill does not request permanent presence or elevated platform privileges.