Skill v1.0.0
ClawScan security
Reddit Market Insights · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Review · Mar 13, 2026, 8:15 AM
- Verdict: Review
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's purpose (Reddit-based ecommerce research) is plausible, but the runtime instructions ask you to install and run an npm MCP server and to add an API key while the published metadata does not declare those requirements and the package/owner metadata is inconsistent — this mismatch and the implicit npx install are cause for caution.
- Guidance: Before installing or using this skill, consider the following:
  - The SKILL.md asks you to create an API key at reddit-insights.com and to add an MCP server entry that will run 'npx reddit-insights-mcp'. npx will download and execute code from npm — verify the npm package and its source repository (GitHub, maintainer, recent releases) before running it.
  - The registry metadata does not declare the REDDIT_INSIGHTS_API_KEY requirement, and the included _meta.json metadata (slug/owner/version) doesn't match the published registry metadata. Ask the publisher to explain and correct these mismatches.
  - If you proceed, minimize risk: create an API key with least privilege, inspect the npm package contents (or prefer a known GitHub release), and review any MCP server code before running. Consider running the MCP process in an isolated environment (container or VM) rather than on a primary machine.
  - If you need more assurance, request a formal install spec and the upstream repository URL from the skill author, or ask the registry operator for provenance verification.
- Findings:
  - [no_regex_findings] expected: Scanner found no regex-based code findings — expected because this is an instruction-only skill with no code files to analyze.
  - [missing_declared_env_var] unexpected: SKILL.md requires REDDIT_INSIGHTS_API_KEY and shows how to set it in MCP server config, but the registry metadata lists no required env vars or primary credential. That mismatch reduces transparency and is unexpected.
  - [meta_owner_slug_mismatch] unexpected: Embedded _meta.json in the package lists ownerId, slug ('reddit-insights') and version (1.2.0) that differ from the registry metadata (ownerId kn79..., slug reddit-market-insights, version 1.0.0). This inconsistency is suspicious and should be clarified by the publisher.
Review Dimensions
- Purpose & Capability
  - note: The stated purpose (semantic Reddit search for ecommerce insights) matches the SKILL.md workflow. However, the skill's metadata lists no required environment variables or install steps, while the instructions require an API key for reddit-insights.com and configuring/launching an MCP server via npx. That discrepancy is unexpected.
- Instruction Scope
  - concern: Runtime instructions tell the user/agent to edit agent config files (claude_desktop_config.json, config/mcporter.json), supply REDDIT_INSIGHTS_API_KEY, and run an MCP server via npx. These actions go beyond pure query composition and involve modifying local agent configuration and launching third-party code — this is within the skill's functional scope but expands its runtime footprint and risk.
- Install Mechanism
  - concern: There is no formal install spec in the registry, but SKILL.md instructs using 'npx reddit-insights-mcp' (or 'npx -y reddit-insights-mcp'), which will fetch and run an npm package at runtime. Executing npx pulls arbitrary code from the npm registry; without a vetted install spec or an explicit source/release URL, this is a higher-risk installation pattern.
- Credentials
  - note: The only runtime secret described is REDDIT_INSIGHTS_API_KEY from reddit-insights.com, which is proportionate to the skill's purpose. However, the registry metadata does not declare this required env var (or any credentials), creating an inconsistency that reduces transparency.
- Persistence & Privilege
  - note: The skill does not request 'always: true' and does not itself request elevated platform privileges. It does instruct modifying local agent configuration to register an MCP server, which grants persistent capability to run the third-party MCP process when the agent uses that server — users should be aware they are enabling a persistent external process.
