Skill v1.0.1
ClawScan security
Gen Paylink Govilo · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign (Feb 13, 2026, 2:08 AM)
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, instructions, and required environment variables are consistent with its stated purpose (packaging files, obtaining a presigned upload URL, uploading to Govilo R2, and creating an unlock link).
- Guidance: This skill appears coherent and implements exactly what it says: packaging files, calling Govilo presign → upload → create item, and returning an unlock link. Before installing/use: (1) Only provide a Govilo API key you trust — the API key grants actions in your Govilo account, so prefer a scoped/dedicated key and rotate it if compromised. (2) Follow the SKILL.md advice: use a dedicated .env file containing only GOVILO_API_KEY and SELLER_ADDRESS; do not point --env-file at shared project .env files with other secrets. (3) The setup guide suggests installing 'uv' via a remote install script (curl | sh); audit that URL or install via a package manager you trust (Homebrew) if you prefer. (4) Review the included code (it is present and readable) and confirm the base API URL (https://api.unlock.govilo.xyz) matches expectations. (5) Be cautious uploading any sensitive files — uploads are sent to the presigned URL returned by Govilo. If you want further assurance, run the tool in an isolated environment or inspect network activity during a dry run.
Review Dimensions
- Purpose & Capability (ok): Name/description match the code and instructions: the tool packages inputs, calls Govilo Bot API endpoints (/api/v1/bot/uploads/presign and /api/v1/bot/items), uploads the ZIP to the returned upload_url, and returns unlock_url. Required env vars (GOVILO_API_KEY, SELLER_ADDRESS) are exactly what this integration needs.
- Instruction Scope (ok): SKILL.md and included scripts limit runtime actions to: validating config, packaging user-specified paths, calling the Govilo API, uploading the ZIP, and printing JSON results. There are no instructions to read unrelated files or environment variables, nor to exfiltrate data to unexpected endpoints. The SKILL.md explicitly warns to use a dedicated env file and not to point at project .env files.
- Install Mechanism (note): There is no formal install spec; the skill is invoked via 'uv run' per pyproject.toml. The setup guide suggests installing 'uv' with a curl | sh installer (https://astral.sh/uv/install.sh) or Homebrew. That installer is an external script executed by the user — a standard convenience but a risk if you don't trust the source. The code itself uses only the requests library and Python stdlib; nothing else is downloaded or executed by the skill at runtime.
- Credentials (ok): Only GOVILO_API_KEY (primary credential) and SELLER_ADDRESS are required, which align with the described API usage. The code reads only those variables (or CLI overrides). No unrelated secrets or config paths are requested.
- Persistence & Privilege (ok): Skill is not always-enabled and does not request permanent presence or modify other skills or system-wide settings. It does not persist credentials beyond using environment variables or the CLI-provided values.
