Skill v1.0.0

ClawScan security

Redmine Issue · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Feb 20, 2026, 12:57 PM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill's code and instructions mostly match a Redmine client (read/list/update) but the package metadata omits the required credentials and there are a few proportionality & disclosure concerns you should review before installing.
Guidance
This skill appears to be a straightforward Redmine REST client, but before installing: (1) note the registry metadata does not declare the required REDMINE_URL and credentials — ask the publisher to fix this; (2) only provide a least-privilege API key (prefer read-only if you don't need updates); avoid supplying account username/password unless necessary; (3) be aware the tool can perform updates and prints full API responses (which may include attachments or sensitive text) to stdout — avoid running it where logs are captured by untrusted systems; (4) confirm the runtime provides Node 18+ (global fetch) or the script may fail; (5) because the skill's source/owner is unknown, verify the code yourself or obtain it from a trusted source before granting credentials.

Review Dimensions

Purpose & Capability
note
The script implements get, list, and update operations against a configurable REDMINE_URL and uses either REDMINE_API_KEY or REDMINE_USERNAME+REDMINE_PASSWORD for auth, which aligns with the stated purpose. However, the registry metadata claims no required env vars/credentials while the SKILL.md and scripts clearly require REDMINE_URL and auth credentials — this inconsistency is unexpected and should be corrected.
Instruction Scope
ok
SKILL.md instructs running the included Node script, and the script's runtime behavior stays within the Redmine API (no other network endpoints, files, or system paths are accessed). Note: the script performs write operations (update) if invoked, and it prints full API responses (including attachments/journals/watchers) to stdout, which may disclose sensitive information.
Install Mechanism
ok
There is no install spec (instruction-only with an included script), so nothing is downloaded or installed automatically. The script expects a Node environment with global fetch (Node 18+), which is a reasonable runtime requirement but should be confirmed.
Credentials
concern
The skill requires REDMINE_URL and either REDMINE_API_KEY or REDMINE_USERNAME+REDMINE_PASSWORD (as documented in SKILL.md and used by the script), but the registry metadata does not declare these required environment variables or a primary credential — this mismatch is a red flag. Also, accepting username/password is higher privilege than an API key; if you only need read access, prefer a scoped read-only API key. The script's ability to update issues means credentials grant modification rights and should be provisioned minimally.
Persistence & Privilege
ok
always is false and the skill does not modify other skills or system-wide settings. It runs as an on-demand tool and does not request persistent elevated privileges.