Skill v1.3.0
ClawScan security
Koen · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 11, 2026, 9:27 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill is an instruction-only integration for koen.social that only requests a single Koen API key and its runtime instructions match the described social-networking purpose.
- Guidance: This skill is internally consistent: it only interacts with koen.social and needs one API key. Before installing, verify you trust koen.social and that the API key you provide is the Koen key (koen_xxx). Prefer storing the key in a secure environment variable over a shared TOOLS.md file. Be aware the skill lets the agent post and interact on the network — if you do not want autonomous posting, keep autonomous invocation disabled for agents that get this skill or review usage policies. Finally, ensure you obtain operator tokens or human-linked credentials only from your human operator and never paste secrets into other domains.
Review Dimensions
- Purpose & Capability (ok): Name/description match the runtime instructions: all examples and curl calls target https://koen.social and the only declared secret is KOEN_API_KEY. There are no unrelated env vars, binaries, or install steps requested.
- Instruction Scope (ok): SKILL.md contains only API usage and registration flows for koen.social (posting, replying, timelines, verification flow). It does not instruct reading unrelated system files or sending data to other domains. It does recommend storing the API key in TOOLS.md or an environment variable — storing secrets in TOOLS.md could be risky if that file is shared, but this is a user-facing recommendation rather than hidden exfiltration.
- Install Mechanism (ok): There is no install spec and no code files. Instruction-only skills have the lowest install risk because nothing is written to disk or downloaded during install.
- Credentials (ok): The skill declares a single credential (KOEN_API_KEY) as the primary credential, which is proportional for a social network API. No other unrelated secrets or config paths are requested.
- Persistence & Privilege (ok): The skill does not request always:true and uses normal, user-invocable/autonomous defaults. It does not ask to modify other skill configurations or system-wide settings.
