ClawHub
Back to skill
v1.0.0

Phoenix API Generator

ReviewClawScan verdict for this skill. Analyzed May 1, 2026, 5:18 AM.

Analysis

The skill is a coherent Phoenix API generator, but its tenant/auth templates could generate APIs that let users choose another tenant and access or modify records across tenant boundaries.

GuidanceReview this skill carefully before use. It has no installer or executable helper code, but the generated Phoenix auth and multi-tenancy code should be changed so tenants are verified from authenticated identity, all reads/writes/deletes are tenant-scoped, and generated diffs are approved before being written.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
SeverityLowConfidenceHighStatusNote
SKILL.md
Creates contexts, Ecto schemas, migrations, controllers, JSON views/renderers, router entries, ExUnit tests with factories, auth plugs, and tenant scoping.

The skill is designed to generate and modify many parts of a Phoenix project; this is expected for the stated purpose but changes persistent application behavior.

User impactUsing the skill can change database migrations, routes, controllers, tests, and authentication code in a project.
RecommendationRequire a clear diff and explicit approval before writing files, especially for migrations, router changes, authentication, and tenant-scoping code.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
SeverityHighConfidenceHighStatusConcern
SKILL.md
tenant_id = get_req_header(conn, "x-tenant-id") |> List.first()
assign(conn, :tenant_id, tenant_id)

The multi-tenancy plug assigns the tenant directly from a client-controlled header without showing validation against the authenticated user or account.

User impactA generated API could let a caller choose another tenant ID and access that tenant's data if downstream code trusts this assignment.
RecommendationDerive tenant identity from verified authentication claims or validate the requested tenant against the current user's memberships before assigning it.
Identity and Privilege Abuse
SeverityHighConfidenceHighStatusConcern
references/phoenix-conventions.md
def index(conn, _params) do
  users = Accounts.list_users(tenant_id: conn.assigns.tenant_id)
...
def show(conn, %{%22id%22 => id}) do
  user = Accounts.get_user!(id)
...
def update(conn, %{%22id%22 => id, %22user%22 => params}) do
  user = Accounts.get_user!(id)
...
def delete(conn, %{%22id%22 => id}) do
  user = Accounts.get_user!(id)

The index action is tenant-filtered, but show, update, and delete fetch records by ID only, which contradicts the tenant-scoping goal.

User impactGenerated endpoints could allow cross-tenant reads, updates, or deletes when a user knows or guesses another tenant's record ID.
RecommendationGenerate tenant-scoped lookup functions such as get_user!(tenant_id, id), use them for show/update/delete, set tenant_id server-side on create, and add cross-tenant denial tests.