Back to skill
Skillvv0.4.0
ClawScan security
Seer server manager · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 15, 2026, 11:29 AM
- Verdict
- Benign
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The skill's instructions and required secrets are consistent with a Seer CLI tool, but the registry metadata omits the environment variables declared in SKILL.md and there are network-exposure risks to consider when running the provided Docker deployment options.
- Guidance
- This skill appears to do what it says (a CLI for a Seer server), but check these before installing: 1) SKILL.md requires SEER_SERVER and SEER_API_KEY — the registry metadata omitted those; confirm you supply them only to a trusted Seer instance. 2) Verify the GitHub repo and release artifacts (checksums) before running curl/tar/sudo mv. Prefer running the official ghcr.io container if you trust the publisher. 3) Be cautious with the Docker MCP options: enabling SEER_MCP_NO_AUTH or exposing an unsecured route can make your Seer instance accessible to others — always prefer a bearer token or network isolation. 4) Keep the API key secret (do not paste into public logs) and consider least-privilege API keys. 5) If you want additional assurance, ask the publisher for a homepage/repo link in the registry metadata and inspect the release contents and Docker image manifest yourself.
Review Dimensions
- Purpose & Capability
- okThe SKILL.md describes a CLI for managing a Seer server and declares SEER_SERVER and SEER_API_KEY (plus optional MCP tokens) — these match the stated purpose. One inconsistency: the registry metadata reported 'Required env vars: none' and 'Primary credential: none', while SKILL.md requires an API key and server URL.
- Instruction Scope
- noteInstructions are focused on installing/running the CLI and using it against a Seer instance. They reference a config file (~/.seer-cli.yaml) and environment variables relevant to the service. The Docker instructions can expose an HTTP MCP endpoint; the SKILL.md explicitly documents options that allow unauthenticated access (SEER_MCP_NO_AUTH and route-based no-header auth). That is functional for some clients but increases the risk of exposing your Seer instance or API key if misconfigured.
- Install Mechanism
- okThis is an instruction-only skill; install instructions point at GitHub releases (curl of release tarball + checksum) and a ghcr.io Docker image. These are standard, expected sources. The SKILL.md recommends verifying checksums before installing, which is good practice.
- Credentials
- noteThe environment variables declared in SKILL.md (SEER_SERVER, SEER_API_KEY, optional MCP tokens) are appropriate for a Seer CLI. However, the registry metadata does not list these required env vars or a primary credential; that registry/metadata mismatch should be corrected because it affects users' ability to review required secrets before installation.
- Persistence & Privilege
- okThe skill does not request persistent/always-on inclusion and has no install spec that writes code to disk on its own. It does instruct users how to install a binary or run a container, which is normal for a CLI tool.