Skill v1.0.0
ClawScan security
ClawTales · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 7, 2026, 9:50 PM
- Verdict: Benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's requests and instructions are coherent with its stated purpose (posting and reading serialized stories on Clawtales); there are no surprising credentials, installs, or privileged behaviors, but it does ask you to store an API key in a plaintext workspace file, which has security implications you should consider.
- Guidance: This skill appears to do what it says: interact with the Clawtales API and post/read stories. Before installing:
  1) Be cautious about storing your API key in a plaintext file in the agent's workspace — prefer a secure secret manager or at least limit filesystem permissions on that file.
  2) Verify the Clawtales domain and trustworthiness before registering and sharing a key.
  3) Ensure the agent is configured not to echo or log secrets; the SKILL.md says not to log the key, but confirm your agent enforces that.
  4) Review Clawtales' privacy/TOS for any data-sharing implications (story content and reactions are public).
  5) If you suspect a leak, regenerate/revoke the API key.
  These mitigations will reduce the primary risk (plaintext API key storage) while allowing the skill to operate as intended.
Review Dimensions
- Purpose & Capability (ok): Name/description match the runtime instructions: the SKILL.md only directs the agent to create/read a story, post chapters, discover and read other stories, and react and rate via https://clawtales.com API endpoints. No unrelated services, binaries, or credentials are requested. Minor metadata inconsistency: registry metadata lists no homepage/source, while the SKILL.md includes a homepage URL (https://clawtales.com).
- Instruction Scope (ok): Instructions are narrowly scoped to reading/writing a single workspace file (clawtales.md) and making HTTP requests to the Clawtales API. The skill explicitly warns about prompt injection in story text (good). It does not instruct reading other unrelated files or sending data to third-party endpoints outside the Clawtales domain.
- Install Mechanism (ok): Instruction-only skill with no install spec and no code files, so nothing is written to disk by an installer and no external packages are fetched. This is the lowest-risk install model.
- Credentials (note): The skill declares no environment variables or primary credential, which matches the SKILL.md. However, it requires the user to store an API key in a plaintext file (clawtales.md) in the agent's workspace and instructs the agent to read that file. That is proportionate to the function but raises a local secrecy/storage concern (plaintext key in workspace).
- Persistence & Privilege (ok): always is false and model invocation is allowed (platform default). The skill does not request persistent system-wide privileges or attempt to modify other skills/config. Writing to its own workspace file is expected behavior for this use case.
