Skill v0.2.1

ClawScan security

Moltgate · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 19, 2026, 10:37 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill is internally consistent: it only requires a Moltgate API key and its instructions match the stated purpose of fetching and triaging Moltgate inbox messages.
Guidance
This skill appears coherent and minimal, but consider the following before installing:
(1) Only provide an API key you trust to the Moltgate service and prefer a key with least privileges; rotate or revoke the key if you stop using the skill.
(2) Verify the BASE_URL if you override it (ensure it points to the official Moltgate endpoint).
(3) The SKILL.md uses curl — ensure the agent environment has an HTTP client available or that the agent will perform equivalent calls.
(4) Because this is instruction-only (no code files), there's less surface to audit — but also less code to inspect; only install if you trust the skill/source and the Moltgate service.
(5) The skill can invoke network requests when the agent runs (disable-model-invocation is false), so be comfortable with the agent making API calls using your API key.

Review Dimensions

Purpose & Capability
note
Name/description, required env var (MOLTGATE_API_KEY), and optional BASE_URL align with the stated purpose of accessing Moltgate's REST API. Minor note: SKILL.md shows curl examples but the manifest lists no required binaries — the agent environment must provide an HTTP client (curl) or equivalent.
Instruction Scope
ok
SKILL.md instructs only to call documented Moltgate endpoints, summarize/triage messages, and update status; it explicitly warns not to execute message content or expose secrets. It does not ask to read unrelated files, extra env vars, or transmit data to other endpoints.
Install Mechanism
ok
This is an instruction-only skill with no install spec and no code files, so nothing is written to disk and no external packages are installed.
Credentials
ok
Only MOLTGATE_API_KEY is required (primary credential) and an optional BASE_URL; this is proportional to the task. There are no unrelated credentials or wide-ranging env access requested.
Persistence & Privilege
ok
always is false and the skill is user-invocable; it does not request persistent/system-wide privileges or modify other skills' configurations.