Skill v1.0.0

ClawScan security

rend-spotter · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 20, 2026, 10:20 AM
Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary
The skill's description claims real‑time cross‑platform trend tracking but the instructions contain only high‑level, vague steps and no mechanism (APIs, scraping, or credentials) to obtain that data — the pieces don't add up.
Guidance
This skill is vague and internally inconsistent: it promises real‑time, cross‑platform monitoring but provides no mechanism to fetch data (no API endpoints, no credential requirements, no install). Before installing or using it, ask the author for: (1) which data sources/APIs it uses, (2) whether it requires API keys or OAuth and exactly which tokens, (3) a privacy policy for any user data it accesses, and (4) a concrete runtime plan (e.g., which endpoints it will call or whether it will scrape public pages). Avoid pasting account tokens into chat; prefer explicit, minimal-scope credentials (read‑only API keys) and test the skill in a sandboxed environment. The name mismatch ('rend-spotter' vs 'trend-spotter') is a red flag worth confirming with the publisher.

Review Dimensions

Purpose & Capability
Concern: The skill claims to monitor trends across major social platforms in real time, but there are no declared env vars, credentials, binaries, or install steps to access platform APIs (Twitter/X, Reddit, YouTube, etc.). That omission is inconsistent with the stated capability. Also, the registry name/slug 'rend-spotter' differs from SKILL.md's 'trend-spotter', which suggests sloppy packaging or an authoring error.
Instruction Scope
Concern: SKILL.md contains only high‑level usage guidance (initialize tracking, set focus areas, analyze, generate reports) and no concrete runtime instructions, endpoints, or data sources. The instructions are vague and grant broad discretion to the agent without constraints, which could lead the agent to attempt arbitrary web access or request user credentials.
Install Mechanism
OK: Instruction-only skill with no install spec and no code files, the lowest install risk. Nothing is written to disk by the skill package itself.
Credentials
Note: No environment variables or credentials are declared. That is unexpected for a cross‑platform social media tracker (which normally requires API keys/tokens). The absence could indicate the skill expects the agent to prompt for credentials at runtime or to use unauthenticated scraping; both are noteworthy but not proof of malice.
Persistence & Privilege
OK: The skill does not request always:true and is user‑invocable only; it does not declare any config path changes or modifications to other skills. No elevated persistence or privileged presence is requested.