Skill v1.3.0
ClawScan security
Vultr · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Review · Mar 16, 2026, 7:01 PM
- Verdict: Review
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill appears to implement a legitimate Vultr API client and its instructions match the code, but the manifest omits the required API credential/storage detail (metadata claims no credentials while SKILL.md and the script require a local API key file), which is an inconsistency worth attention.
- Guidance: This skill is a full Vultr API client and mostly coherent, but the manifest omits the fact that it needs your Vultr API key stored at ~/.config/vultr/api_key. Before installing: (1) verify the script contents yourself (scripts/vultr.py) to confirm it only talks to api.vultr.com; (2) create an API key with the minimum permissions required and store it with tight file permissions (chmod 600); (3) consider using a dedicated, limited-scope API key rather than a broad account key; (4) if you need stronger assurance, run the skill in an isolated environment or container. The metadata omission is likely an oversight but you should confirm the credential storage and usage before trusting the skill with sensitive keys.
Review Dimensions
- Purpose & Capability (note): The name, description, SKILL.md, reference doc, and scripts/vultr.py are consistent: this is a comprehensive Vultr API client covering instances, Kubernetes, DNS, firewalls, object storage, etc. However, the registry metadata lists no required credentials or primary credential while the SKILL.md and script explicitly require an API key stored at ~/.config/vultr/api_key. That metadata omission is an inconsistency (likely an oversight) but not proof of malicious intent.
- Instruction Scope (ok): The runtime instructions are narrowly scoped to interacting with the Vultr API and to storing/reading the API key from the user's home config path. The SKILL.md does not instruct the agent to read unrelated files, call external endpoints other than api.vultr.com, or exfiltrate data. The script constructs HTTP requests to the Vultr API and handles responses.
- Install Mechanism (ok): There is no install spec (instruction-only skill with included script). No downloads from arbitrary URLs, no package installs, and nothing is written to disk by an installer. The included script will be executed by the agent when invoked, which is expected for a code-backed skill.
- Credentials (concern): The skill requires an API key (SKILL.md and scripts/vultr.py instruct storing it at ~/.config/vultr/api_key), but the registry metadata declares no required env vars or primary credential. Requiring an API key is reasonable for a cloud-management skill, but the manifest should explicitly declare that credential. Also note the script reads a file in the user's home directory; ensure you understand which key is stored there and limit its permissions and scope.
- Persistence & Privilege (ok): The skill does not request always: true and does not attempt to modify other skills or system-wide agent settings. Its recommended configuration is to store an API key in a dedicated config file (~/.config/vultr/api_key), which is scoped to the skill.
