Skill v1.0.0
ClawScan security
CodeBox QR Code · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 23, 2026, 8:04 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's requirements and runtime instructions align with its stated purpose (QR code generation/tracking); it only needs curl and a CodeBox API key and does not request unrelated access.
- Guidance: This skill is internally consistent and appears to do what it claims. Before installing, ensure you: (1) provide the API key via an environment variable (do not paste it into chat), (2) understand that dynamic QR codes are trackable and will produce analytics containing device/location/time information (privacy consideration), (3) review CodeBox billing/credit usage (dynamic codes cost credits by default), and (4) use a limited/rotatable API key or separate account if you want to limit blast radius. If you plan to expose webhooks or export scan data, review the CodeBox docs and your own data-handling policies.
Review Dimensions
- Purpose & Capability (ok): Name/description (CodeBox QR Code) match the declared requirements: curl and CODEBOX_API_KEY are appropriate and sufficient for calling the CodeBox API endpoints described.
- Instruction Scope (note): SKILL.md contains only curl-based calls to the CodeBox API and uses the CODEBOX_API_KEY from env. It does default to DYNAMIC (trackable) mode and instructs using analytics/scan exports — this is expected but implies collection of device/location/time data by the service (privacy implication). The instructions do not read local files or other environment variables.
- Install Mechanism (ok): Instruction-only skill with no install spec and no bundled code. This is low risk: nothing is downloaded or written to disk by the skill itself.
- Credentials (ok): Only a single credential (CODEBOX_API_KEY) is required and is the API key for the described service. No unrelated secrets or config paths are requested.
- Persistence & Privilege (ok): always is false and the skill does not request elevated or persistent system privileges. Model invocation is allowed (platform default) but that is expected for a user-invocable API integration.
