Antigravity Balance

Audited by ClawScan on May 10, 2026.

Overview

The skill mostly does what it says, but it reads a local Antigravity CSRF/session token from process arguments and reuses it in ways that could expose it.

Review before installing. This appears designed for a legitimate quota check, but it relies on reading Antigravity process arguments and reusing a local CSRF token. Avoid verbose mode unless necessary, do not share debug output, and prefer an updated version that redacts tokens and verifies the local API before sending authentication headers.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The skill can use local Antigravity session authority to query account status, and debug output could reveal a token if copied into logs or support chats.

Why it was flagged

The script extracts a local Antigravity CSRF token from the process command line, and verbose logging prints the full matching command line, which is likely to include that token.

Skill content
log(`Antigravity line: ${antigravityLine}`); ... const tokenMatch = antigravityLine.match(/--csrf_token[= ]+([a-f0-9-]+)/i);
Recommendation

Only run this on a trusted machine, avoid sharing verbose output, and redact or avoid logging the CSRF token. The skill should declare this local token use and mask tokens in debug logs.

What this means

Any local HTTPS service listening on one of the probed nearby ports would receive the Antigravity token during discovery; with certificate validation disabled, nothing identifies the responder before the token is sent.

Why it was flagged

During port discovery, the script sends the CSRF token to every localhost HTTPS port from extensionPort - 10 to extensionPort + 10 while accepting any certificate (rejectUnauthorized: false), before confirming that the responder is the Antigravity API.

Skill content
for (let p = extensionPort - 10; p <= extensionPort + 10; p++) { ... testPort(p, token); } ... 'X-Codeium-Csrf-Token': token ... rejectUnauthorized: false
Recommendation

Avoid sending the token during discovery, verify the service identity before adding authentication headers, or restrict probing to the exact known Antigravity API port.

What this means

Running the skill executes local shell commands that inspect running process arguments.

Why it was flagged

The script runs local process-listing commands to detect the Antigravity language server. This is expected for the stated purpose, but users should know it executes OS commands.

Skill content
const { exec } = require('child_process'); ... execAsync(`ps -ww -eo pid,args | grep "${processName}" | grep -v grep`, { timeout: 5000 });
Recommendation

Review and run the script manually if you are uncomfortable with local process enumeration.