Skill v1.0.1

ClawScan security

SuperThink · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 24, 2026, 5:37 AM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill's requirements and instructions are internally consistent with a batch research/synthesis pipeline that uses Anthropic batch APIs and optional notification channels; nothing requested appears disproportionate to that purpose.
Guidance
This skill appears to do what it says: it needs an Anthropic API key and writes large generated documents to persistent storage. Before installing: (1) only provide ANTHROPIC_API_KEY if you intend to run large batch jobs; (2) be cautious about setting NOTIFY_WEBHOOK_URL or TELEGRAM_* vars — those will send pipeline outputs to external endpoints you configure; (3) ensure /data/superthink is an appropriate, isolated place to store potentially sensitive outputs and that you have disk quota for ~40–60k word files; (4) note the pipeline runs fully unattended after you confirm scope — if you want intermediate approvals, modify the cron/poller as described; (5) review or sandbox the required batch-worker and md2docx implementations if you plan to run them in a shared environment. If you want, I can list the exact files the skill will create or suggest minimal sandboxing/permissions to limit exposure.

Review Dimensions

Purpose & Capability
ok · Name/description (deep research + synthesis) match the declared dependencies and runtime actions: Anthropic API access for batch stages, optional notification channels, and local persistent storage for large outputs. Declaring the interrogate skill as a dependency is coherent with the trigger flow.
Instruction Scope
note · SKILL.md is explicit about what it will read/write (creates /data/superthink and ./batch-jobs/, stores pipeline state and results, polls Anthropic). The only notable design choice is that after a single user confirmation the pipeline runs fully unattended with no further checkpoints unless manually changed; this is intentional but worth user awareness.
Install Mechanism
ok · Instruction-only skill with no install spec and no bundled code, so the install risk is the lowest category. Optional python-docx is installed via pip only if the user wants .docx output; that is reasonable and scoped to the md2docx component.
Credentials
note · Required envs are proportional: ANTHROPIC_API_KEY (required) for batch calls, optional BATCH_JOBS_DIR, webhook/Telegram settings for notifications. The presence of optional NOTIFY_WEBHOOK_URL and TELEGRAM_BOT_TOKEN means pipeline output can be posted to external endpoints if configured — this is by-design but a potential data-exfiltration vector depending on how the user configures it.
Persistence & Privilege
note · The skill requests read-write access to persistent storage (/data/superthink and ./batch-jobs/) to hold large outputs and job state; this is coherent with its function but means outputs (including potentially sensitive research text) will be stored persistently and processed unattended after one confirmation. always:false is set and no system-wide config changes are requested.