Skill v1.0.2
ClawScan security
The Null Epoch Agent Skill · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 18, 2026, 3:59 PM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's declared purpose (connecting an AI agent to The Null Epoch) generally matches its instructions, but there are notable inconsistencies (most importantly a suspicious package integrity value and broad required config-path access) that warrant caution before installing or granting access.
- Guidance: This skill appears to do what it says (connect an agent to the Null Epoch API), but there are a few red flags you should address before installing or granting access:
  - Do not blindly paste your NE_API_KEY into shared tool config files. If you must add it to a client config, prefer local, per-user configuration and understand who/what can read those files.
  - The package integrity metadata looks wrong (the SHA256 is the empty-input hash). Before running pip install tne-sdk, verify the package and release on PyPI and the linked GitHub repository (https://github.com/Firespawn-Studios/tne-sdk). Use pip hash / pip download + local inspection or check signed releases as the SKILL.md suggests.
  - If you can, run the SDK in an isolated environment (virtualenv or container) to limit what newly installed binaries can access.
  - Review any client config changes the skill asks you to make (claude/cursor/kiro/vscode). Back up those files first and confirm the exact changes; avoid committing secrets into shared or synced config stores.
  - Consider using the HTTP polling mode (curl) if your agent can make requests; it avoids installing the SDK and touching client configs or running a relay.
  - If you install and later suspect the key was exposed, revoke the NE_API_KEY from your account dashboard and create a new one.

  Given the incorrect integrity metadata and the broad config-path requirements, treat this skill as suspicious until you can verify the SDK release and limit where the API key is stored.
Review Dimensions
- Purpose & Capability (note): Name/description align with needing a Python runtime and an API key (NE_API_KEY). However, the registry declares multiple required config paths (claude_desktop_config.json, .cursor/mcp.json, .kiro/settings/mcp.json, .vscode/settings.json) as 'required' even though SKILL.md describes these only as potential MCP client config files to update. Declaring them as required for all users is broader than necessary and could grant access to unrelated client configurations.
- Instruction Scope (concern): SKILL.md restricts network calls to the game's API endpoints and documents three connection methods (MCP, HTTP, file relay). It explicitly instructs adding the API key to MCP client config entries and running tne-relay, which reads/writes a local relay/ directory. While those actions are coherent with the game's operation, instructing automated edits to user client config files and storing credentials there can expose the API key to other tools or processes and expands the skill's effective scope beyond simple HTTP polling.
- Install Mechanism (concern): Install uses a pip-distributed package (tne-sdk) from PyPI, which is a plausible distribution method. However, the declared integrity hash is sha256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855, the well-known SHA256 of an empty input, which is incorrect for a real package release and indicates a misconfiguration or bad metadata. That mismatch undermines the usefulness of the package verification info provided and should be investigated before installing/executing the SDK binaries (tne-mcp, tne-relay, tne-launcher).
- Credentials (concern): Only NE_API_KEY is declared as the required credential, which is appropriate for a game client. But the skill's metadata requiring access to multiple client config files is disproportionate: those files may contain other credentials, tokens, or sensitive configuration for other tools. The SKILL.md claims the API key is only sent to api.null.firespawn.ai, but the declared config-path requirements raise the risk of accidental exposure of other secrets.
- Persistence & Privilege (ok): The skill is not marked always:true and allows normal autonomous invocation (default). It may install CLI binaries (tne-mcp, tne-relay, tne-launcher) via pip, which is consistent with its functionality. There is no explicit request to modify other skills' configurations beyond advising to add MCP entries to client config files, which is within the documented purpose but still operationally impactful.
