Skill v1.0.0
ClawScan security
FreshBooks CLI · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 11, 2026, 9:11 AM
- Verdict: benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's requirements and runtime instructions are consistent with a CLI that manages FreshBooks (it installs an npm CLI, requires FreshBooks OAuth credentials, and stores tokens locally), but provenance is weak (no homepage/source), so verify the package before installing.
- Guidance: This skill appears internally consistent with a FreshBooks CLI, but the npm package author/source is not visible in the skill metadata. Before installing: 1) verify the npm package (@haseebuchiha/freshbooks-cli) and its publisher on the registry or GitHub (check repository, README, stars, issues, and releases); 2) inspect the package code (or install in an isolated sandbox/container) before granting FreshBooks client credentials; 3) be cautious about adding a .npmrc entry pointing to a non-default registry; only do this for registries you trust; 4) note that OAuth tokens will be stored at ~/.config/freshbooks-cli/config.json (mode 0600), so plan filesystem backups and access controls accordingly; 5) prefer official FreshBooks packages or well-known third-party CLIs when possible. If you cannot verify the package source, treat this as higher-risk and avoid installing on production or credential-bearing machines.
Review Dimensions
- Purpose & Capability (ok): Name/description, required binary ('freshbooks'), and the npm install instruction all align: this is a CLI for FreshBooks, and the skill instructs installing @haseebuchiha/freshbooks-cli, which provides the 'freshbooks' binary.
- Instruction Scope (ok): SKILL.md only instructs normal CLI usage and the manual OAuth auth flow. It references storing tokens at ~/.config/freshbooks-cli/config.json and the optional env vars FRESHBOOKS_CLIENT_ID/FRESHBOOKS_CLIENT_SECRET; all are directly relevant to the stated purpose. It does not ask the agent to read unrelated files or exfiltrate data.
- Install Mechanism (note): Install is via an npm package hosted on GitHub Package Registry (requires a .npmrc entry pointing to npm.pkg.github.com). This is a plausible mechanism but higher-risk than an official registry entry; the package has no homepage/source listed in the skill metadata, so you cannot verify the author or code from the skill bundle itself.
- Credentials (ok): No unrelated environment variables or system credentials are requested. The CLI legitimately needs the FreshBooks client ID/secret (and will store OAuth tokens locally). These are sensitive and necessary for operation, and the README documents where tokens are stored.
- Persistence & Privilege (ok): `always` is false, and the skill only writes its own config (~/.config/freshbooks-cli/config.json) for tokens, which is appropriate. The skill does not request system-wide privileges or modify other skills.
