Skill v1.2.0

ClawScan security

Habit AI · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Mar 7, 2026, 5:59 PM

Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary
The skill's behavior mostly matches a Habit AI integration, but there are notable inconsistencies and privacy/credential handling gaps you should resolve before trusting it (missing declared API key requirement and odd instructions to avoid the service's own analysis endpoints).
Guidance
This skill appears to be a straightforward Habit AI API integration, but take these precautions before installing or using it:

- Ask the publisher to declare HABITAI_API_KEY in the skill metadata (it currently isn't listed) so platform/permissions are clear.
- Confirm where images will be processed: the SKILL.md tells the agent to analyze photos itself rather than using Habit AI's /analyze endpoints. Ask whether image data will be kept locally or transmitted elsewhere, and insist on explicit handling rules and user consent for image exposure.
- Ask how USDA nutrition data is accessed or referenced — the skill asks you to 'use USDA data' but provides no data source or model instruction; verify accuracy expectations.
- Because the skill source is unknown and homepage absent, treat the API key as sensitive: only provide a key with restricted scope/ability or use a throwaway key if testing. Revoke or rotate keys after evaluation.
- Prefer a version that explicitly declares required env vars and documents privacy and data flow (where images or personal health details are sent and stored).

If the publisher can clarify and fix the metadata (declare HABITAI_API_KEY) and explain the rationale for avoiding built-in analyze endpoints and for image handling, the inconsistencies would be resolved and the skill would be more trustworthy.

Review Dimensions

Purpose & Capability
note: Name/description match the included endpoints and instructions: the skill is a wrapper for the Habit AI REST API (meals, water, weight, steps, coaches, journal). However the SKILL.md expects an API key in HABITAI_API_KEY even though the registry metadata lists no required env vars — this mismatch is unexpected and should be declared.
Instruction Scope
concern: Instructions tell the agent to call GET /profile and POST /meals and otherwise stay within the Habit API, which is appropriate. However the guide explicitly says not to call the built-in /analyze/ endpoints and instead use the agent's own vision/language capabilities to analyze photos/descriptions and compute nutrition (including using 'USDA data'), without providing data sources or safeguards. That raises privacy and scope concerns (where images are processed, what external data is used, and how accurate nutrition calculations are derived).
Install Mechanism
ok: Instruction-only skill with no install spec and no code files — minimal filesystem or execution risk. This is the lowest install risk category.
Credentials
concern: SKILL.md instructs the user to export HABITAI_API_KEY and use it for Authorization, but the registry metadata lists no required env vars/primary credential. The skill should declare HABITAI_API_KEY as a required/primary credential. Other than that single API key, no unrelated credentials are requested.
Persistence & Privilege
ok: The skill does not request 'always: true' nor install components or modify other skills. It does allow normal autonomous invocation (platform default), which is expected and not in itself a red flag.