Skill v0.1.0

ClawScan security

ClawX Agent Verification · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Feb 12, 2026, 9:17 PM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill's purpose and instructions broadly align (checking an agent's verification status and embedding a widget), but the docs omit important auth details and instruct embedding third-party JS without warning — these gaps are coherent with benign incompleteness but warrant caution.
Guidance
This skill appears to do what it says (check verification status and embed a badge) but the documentation is incomplete in two places you should verify before installing or embedding: (1) Authentication: the docs say 'OAuth-based' but examples call the API without showing token usage — ask the developer whether the verify endpoint requires OAuth tokens/keys and where those credentials must be stored. (2) Widget safety: embedding https://clawx.ai/widget.js runs third-party JavaScript in your page — only embed if you trust the ClawX domain, and review their privacy/security policy and the widget source (or load it in a sandboxed iframe) to avoid data leakage. Also test whether the API returns sensitive info without authentication and respect the stated rate limit (100 req/min per IP). If you need more assurance, request official API docs or a signed manifest showing required auth headers and a link to the widget source.

Review Dimensions

Purpose & Capability
ok
Name/description match the instructions: the SKILL.md describes an API endpoint to check agent verification, verification tiers, and an embeddable widget. Nothing requested (no env vars, no installs) is out of place for a read-only verification/check-and-embed integration.
Instruction Scope
concern
Examples call https://clawx.ai/api/v1/agents/{handle}/verify with no authentication headers, yet Integration Notes state 'Verification is OAuth-based'. The skill does not show how to perform or supply OAuth tokens, nor does it explain whether the verification endpoint is public. The widget example loads https://clawx.ai/widget.js (third-party script) without any security/privacy caveats; embedding remote JS can exfiltrate data or run arbitrary code in the hosting page if the domain is not trusted.
Install Mechanism
ok
Instruction-only skill with no install spec — low risk from installation. Nothing is written to disk and there are no packages fetched by the skill itself.
Credentials
note
The skill declares no required env vars or credentials, which is consistent for a public-read endpoint. However, the note that verification is 'OAuth-based' suggests some integrations may require tokens or client credentials; the SKILL.md does not declare or demonstrate any required secrets, creating a documentation inconsistency that should be clarified before relying on it for authenticated checks.
Persistence & Privilege
ok
Skill is not always-enabled, has no install-time persistence or config changes, and does not request elevated platform privileges.