Skill v1.0.0
ClawScan security
Jackett · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 5, 2026, 4:13 AM
- Verdict
- suspicious
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The skill's code and instructions match the stated purpose (querying Jackett) but the package metadata omits required binaries and environment variables and doesn't surface that the script will send your Jackett API key to the configured URL, which is worth caution.
- Guidance
- This skill appears to do what it claims (query a Jackett Torznab API) but the registry metadata fails to declare runtime dependencies: the script requires curl, jq, and python3 and uses either a config file (~/.openclaw/credentials/jackett/config.json) or env vars (JACKETT_URL, JACKETT_API_KEY). Before installing, review the script (it's included) and decide where the Jackett endpoint will live — pointing JACKETT_URL at a remote/trusted server will transmit your JACKETT_API_KEY there. Ensure the required binaries are present, prefer storing the API key in a secure place you control, and limit agent autonomy if you do not want the skill to call network endpoints without explicit confirmation.
Review Dimensions
- Purpose & Capability
- ok: Name/description, README, SKILL.md, and the included script all focus on querying Jackett's Torznab API and parsing results; the requested functionality is coherent with the implementation.
- Instruction Scope
- note: SKILL.md and README consistently instruct creating a config at ~/.openclaw/credentials/jackett/config.json and/or using JACKETT_URL/JACKETT_API_KEY env vars. The script reads that config and calls the configured Jackett URL, returning parsed JSON or raw XML. This is within scope but the runtime will transmit queries and the API key to whatever URL is configured (localhost or a remote host), so users should only point it at trusted Jackett endpoints.
- Install Mechanism
- note: There is no install step (instruction-only), and the script is bundled in the skill so nothing is downloaded at install. That's low risk, but the package executes a local script at runtime; users should review it before running.
- Credentials
- concern: Registry metadata lists no required env vars or binaries, but the script clearly depends on JACKETT_URL / JACKETT_API_KEY (and accepts JACKETT_APIKEY), and uses external tools (curl, jq, python3). Those env/config requirements and binaries are proportional to the task, but their omission from the declared requirements is an inconsistency that reduces transparency and could mislead users about what secrets are needed or sent.
- Persistence & Privilege
- ok: always is false, no special persistence or rights requested, and the skill does not attempt to modify other skills or system-wide agent settings.
