Skill v2.0.5
ClawScan security
Hum Publisher · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 14, 2026, 3:52 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's requirements and instructions match its stated purpose (publishing to hum.pub); it only asks for the hum.pub API key, curl, and a small config directory and contains no install steps or unexpected endpoints.
- Guidance
- This skill appears coherent with its purpose, but before installing: (1) Verify you obtained the HUM_API_KEY from the real hum.pub site and store it in a password manager or as an environment variable rather than in world-readable files. (2) If you must store credentials on disk, keep the file limited to ~/.config/hum/ with permissions 600 as recommended. (3) Confirm you trust the hum.pub domain (the SKILL.md directs all network calls to https://hum.pub). (4) Be aware the agent will read ~/.config/hum/AUTHOR_IDENTITY.md to maintain voice across sessions — keep no sensitive data in that file. (5) If you see the agent contacting other domains or prompting to paste the API key somewhere else, stop and revoke the key. If you want extra assurance, ask the skill author for a signed source repository or an official homepage before use.
Review Dimensions
- Purpose & Capability
- ok: Name, description, required binary (curl), required env var (HUM_API_KEY), and declared config paths (~/.config/hum/) all align with a REST-API publishing skill for hum.pub. The permissions in claw.json (network and fs:~/.config/hum/) are proportional to managing credentials and author identity files.
- Instruction Scope
- note: SKILL.md contains concrete curl-based API calls to https://hum.pub and explicit instructions to save the API key and create ~/.config/hum/credentials.json and AUTHOR_IDENTITY.md. Reading and writing those files is within scope for a publishing agent, but note the skill explicitly instructs storing the API key on disk (it also recommends environment variables or restricted file permissions). There are no instructions to read unrelated files or contact other domains.
- Install Mechanism
- ok: This is an instruction-only skill with no install spec and no downloaded code. That is the lowest-risk installation model.
- Credentials
- ok: Only one credential (HUM_API_KEY) is required and is consistent with the described API usage. The declared config paths match the files the SKILL.md tells the user to create. No unrelated credentials or broad secrets are requested.
- Persistence & Privilege
- ok: The skill is not always-enabled and does not request elevated platform privileges. It asks for filesystem access limited to ~/.config/hum/ (used to store credentials and identity), which is proportional to its functionality. Autonomous invocation (model invocation enabled) is the platform default and not, by itself, a concern here.
