Skill v1.0.1
ClawScan security
Agentpatch · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 4, 2026, 1:08 AM
- Verdict
- benign
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The skill is internally consistent with a tool-marketplace that uses a single API key; the main issues are operational (no install spec, recommends pip install, and a small metadata mismatch) rather than evidence of malicious intent.
- Guidance
- This skill appears to do what it says: a single API key gives access to a marketplace of tools. Before installing or using it: (1) verify the agentpatch project and publisher on PyPI (or review its source) because the instructions ask you to run `pip install` (install-time packages can execute arbitrary code); (2) confirm the legitimacy of https://agentpatch.ai and the dashboard where you would obtain the API key; (3) consider creating a limited/low-credit API key or test account rather than exposing a high-value key; (4) be aware that adding the MCP entry writes an Authorization header into your openclaw.json — that file should be protected like any other secret store; and (5) note the small metadata mismatch (registry shows no required env vars while SKILL.md declares AGENTPATCH_API_KEY) — ask the publisher or inspect the skill/package if you need stronger assurance. If you want extra safety, review the agentpatch package source first or run it in an isolated environment.
Review Dimensions
- Purpose & Capability
- ok: Name/description describe a marketplace of connectors and the SKILL.md only requests a single AgentPatch API key and shows how to call the marketplace CLI or MCP endpoint — these requirements match the stated purpose.
- Instruction Scope
- note: Runtime instructions stay on-purpose (search tools, run tool calls, configure API key). They recommend installing a CLI, setting AGENTPATCH_API_KEY, and optionally adding an MCP server entry to ~/.openclaw/openclaw.json that contains an Authorization header. This is expected for a service proxy but storing API keys in a config file and adding a remote MCP server are notable operational decisions the user should understand.
- Install Mechanism
- note: There is no registry install spec; the SKILL.md instructs users to run `pip install agentpatch`. That is a normal distribution route for a CLI, but because it's not gated by the registry's install metadata the package will run whatever install-time code PyPI allows. Users should review the package source and publisher on PyPI before installing.
- Credentials
- note: Only one credential (AGENTPATCH_API_KEY) is required, which is proportionate. Minor incoherence: the registry summary listed 'Required env vars: none' while the skill metadata declares AGENTPATCH_API_KEY as the primaryEnv. Also note the instructions show storing the key in openclaw.json (Authorization header), which is functionally necessary but increases scope of where a secret is stored.
- Persistence & Privilege
- ok: `always` is false and the skill is user-invocable; it does not request forced persistence. The optional MCP server entry modifies the agent config only if the user adds it — this is an explicit, user-driven action.
