Skill v0.1.4

ClawScan security

Beetrade · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 1, 2026, 3:19 PM
Verdict: benign
Confidence: medium
Model: gpt-5-mini
Summary: The skill is internally consistent with its stated purpose (operating the Beetrade CLI); the npm install of a CLI is expected, but you should verify the npm package and note a small documentation inconsistency about the API URL and the inability to inspect the installed package from this bundle.
Guidance: This skill looks coherent for operating the Beetrade CLI, but before installing:
1) Verify the npm package @beelabs/beetrade-cli and its publisher (check the package page, repository, and recent releases) because npm packages run code during install.
2) Note the small documentation mismatch: SKILL.md says the API URL is fixed, but the reference shows an apiUrl in the local config. Confirm whether the CLI actually allows overriding the API endpoint.
3) Expect the CLI to create/consume credentials in ~/.beecli/config.json even though the skill forbids directly reading that file; the agent will run the CLI, which itself will read/write that file.
4) If you plan to use live trading, require explicit confirmations and consider testing in a sandbox/paper environment first.
5) If you need higher assurance, inspect the npm package source or run the CLI in an isolated environment before granting it access to your real accounts.

Review Dimensions

Purpose & Capability
ok: Name/description match the behavior: the skill is an instruction-only wrapper around the 'beecli' CLI, and the install spec installs an npm package that provides that binary. Required binaries and the CLI-focused workflow are appropriate for a CLI skill.
Instruction Scope
note: SKILL.md confines actions to running beecli, checking auth, listing resources, and requiring confirmation for mutating operations; it also imposes strong redaction and 'never read ~/.beecli/config.json' rules. One minor inconsistency: SKILL.md claims the API URL is fixed and not configurable, yet references/commands.md documents an apiUrl field in ~/.beecli/config.json, implying configurability. The workflow otherwise stays within CLI scope and does not instruct the agent to access unrelated files or credentials directly.
Install Mechanism
note: Install uses an npm package (@beelabs/beetrade-cli) that creates the 'beecli' binary; this is proportionate for installing a CLI. npm installs execute code from the registry, so there is inherent moderate risk in installing third-party packages; however, the install mechanism itself is expected for a CLI skill.
Credentials
ok: The skill requests no environment variables and relies on the CLI and its config file for credentials. That aligns with a typical CLI-based integration. The SKILL.md explicitly forbids the agent from reading config files or exposing tokens, which is consistent with not requesting additional credentials in requires.env.
Persistence & Privilege
ok: The skill does not request always:true and does not ask to modify other skills or system-wide settings. It installs a binary (normal for a CLI) but does not request elevated persistent privileges in the bundle metadata.