Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Shaper v1.0.0
Connect to a Shaper (useshaper.com) workspace via MCP to execute Shape Up methodology as an AI agent. Use when the user wants an agent to work inside their S...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, medium confidence
Purpose & Capability
The skill is an instruction-only connector for the Shaper MCP API and its documented API calls (get_active_work, get_pitch_context, create_scope, update_scope_hill_position, complete_scope) align with the stated Shape Up workspace workflow. However, the included reference also exposes an unauthenticated agent_register call that issues api_key values — this capability is not mentioned in the top-level SKILL.md instructions and is potentially surprising.
Instruction Scope
SKILL.md instructs the agent to use a workspace API key and suggests exporting SHAPER_API_KEY and SHAPER_WORKSPACE_SLUG or asking the user to provide them. Those env vars are referenced in runtime examples but are not declared in the skill metadata. The instructions permit reading full pitch documents and updating/completing scopes (expected), but they do not document the agent_register tool which can create workspaces and return an api_key without auth — this expands the agent's possible behavior beyond what's described and could be used to create credentials autonomously.
Install Mechanism
Instruction-only skill with no install spec and no code files — lowest install risk. Nothing will be written to disk by an installer.
Credentials
The skill metadata lists no required env vars, yet the SKILL.md examples instruct using SHAPER_API_KEY and SHAPER_WORKSPACE_SLUG. Requiring a workspace API key is reasonable for this integration, but the mismatch between declared and used environment variables is a coherence issue. Additionally, the references show agent_register returns an api_key without authentication, which could be used to obtain credentials programmatically; that broadens the set of secrets the agent can acquire and use.
Persistence & Privilege
The skill is not always-enabled and does not request system-wide persistence. Autonomous model invocation is allowed by default (normal for skills). There is no indication it modifies other skills or system-wide configs.
What to consider before installing
This skill is largely coherent with its stated purpose (acting inside a Shaper workspace), but there are some red flags you should consider before installing:
- Credential handling mismatch: The SKILL.md instructs using SHAPER_API_KEY and SHAPER_WORKSPACE_SLUG (examples show exporting them), but the skill metadata declares no required env vars. Ask the publisher to explicitly declare required env vars in metadata so you can audit what secrets the skill will use.
- Unauthenticated agent registration: The included references/tools.md documents an agent_register endpoint that requires no auth and returns an api_key and claim_url. That lets an agent create a workspace and obtain credentials autonomously — confirm whether the skill will call this endpoint automatically. If it does, an agent could create and use credentials without you providing them, which may be unexpected.
- Least privilege: Only provide a workspace API key when needed, and prefer creating an ephemeral/test workspace for first use rather than giving access to production data. Do not put API keys into shared shell init files or public logs.
- Ask the publisher to clarify: 1) whether the skill ever calls agent_register, 2) whether it stores or transmits the API key elsewhere, and 3) to update the metadata to list the env vars it actually uses. If the publisher cannot or will not clarify, treat the skill as higher risk and test it in an isolated workspace.
If you proceed, restrict the API key to a workspace with minimal sensitive data and monitor the actions the agent takes (scopes created/completed, hill updates).
