Skill v1.0.0
ClawScan security
Promptingco · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 5, 2026, 9:56 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's requirements and instructions match its stated purpose (it acts as a client for The Prompting Company API and only asks for the session cookie it needs), with no install steps or unrelated permissions requested.
- Guidance: This skill appears coherent: it uses the session cookie you provide to call The Prompting Company API endpoints and nothing else. Before installing, ensure you: (1) trust the skill’s source since you must supply your __Secure-better-auth.session_token (this token grants full session access and can be used to act as you on the site); (2) prefer providing a session/token with limited scope or a throwaway account if possible; (3) verify the base URL if you have concerns (SKILL.md uses https://app.promptingco.com but references/api-guide contains a slightly different example domain — confirm which is correct); and (4) be aware the skill spawns subagents for multi-step flows, which may run additional API calls on your behalf. If you provide the real session token, consider rotating it after use or using platform-provided API keys with limited permissions when available.
Review Dimensions
- Purpose & Capability (ok): Name/description align with required credential (TPC_SESSION_TOKEN) and the SKILL.md shows only API calls to the Prompting Company endpoints for brand, prompts, drafts, and analytics. Requesting the session cookie is proportional to acting on the user's behalf in the web UI/API.
- Instruction Scope (note): Instructions stick to API interactions for the platform (fetch brands, personas, prompts, drafts, analytics). They instruct the agent to present choices to the user and spawn subagents for multi-step workflows — spawning subagents is within capability but expands what the agent may do automatically; there is no instruction to read local files or other environment variables. The SKILL.md repeatedly requires including the session cookie in requests, which is expected but means the provided token can be used to act as the user on the service.
- Install Mechanism (ok): No install spec or code is included (instruction-only), so nothing will be written or installed on disk. This is the lowest-risk install profile.
- Credentials (ok): Only one required environment value is declared (TPC_SESSION_TOKEN) and it is the primary credential used for cookie-based auth. No unrelated credentials or system paths are requested.
- Persistence & Privilege (ok): The skill is not always-enabled and does not request special platform privileges. It does instruct the agent to spawn subagents for multi-step tasks — this enables autonomous or extended workflows, which is allowed but increases blast radius if the token is compromised.
