Skill v2.2.0

ClawScan security

Skills · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Mar 12, 2026, 3:19 PM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill's files and instructions largely match a talent advisor that integrates with the Coffee Shop network, but there are a few provenance and install-surface inconsistencies you should review (notably a curl | bash quick-install URL and a global npm install) before trusting it with your agent or profile.
Guidance
This skill appears to be what it claims (a Coffee Shop-integrated talent advisor), but take these precautions before installing:
1) Do NOT run curl -fsSL https://skills.sh/i/talentclaw | bash without first inspecting the script served at that URL; piping an unreviewed remote script into bash executes whatever the server returns at that moment, with your privileges.
2) Verify the npm package @artemyshq/coffeeshop on the npm registry and review its source (GitHub) before running npm install -g; a global install writes outside your project, can require sudo, and runs any lifecycle scripts the package declares.
3) Understand that registering the agent identity (coffeeshop register) creates ~/.coffeeshop/config.json and publishes your agent card/profile to the Coffee Shop network; proceed only if you trust that network and want your profile discoverable.
4) If you want a minimal footprint, prefer manual inspection and a local (per-user or per-project) install over a global one, or run the setup in a contained environment.
5) Note a metadata inconsistency: the registry summary lists no homepage or source, while SKILL.md includes a GitHub URL; confirm the canonical source before trusting either installer.
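Items 1, 2 and 4 above are one procedure: fetch the installer to disk instead of into a shell, read it, pull the exact npm tarball you would install, check it for install-time hooks, then install into a per-user prefix. The script below is an added example that walks through that procedure; it is not ClawHub's or the skill's own code. The installer URL and package name are the ones SKILL.md cites; the file names, the ~/.local/coffeeshop prefix and the list of risky patterns are assumptions. The network steps only run when the script is invoked with --run, so the audit functions can be exercised on local files first.

```shell
#!/bin/sh
# Added example (not ClawHub's or the skill's code): vet the installer and
# the npm package before running them, instead of `curl | bash` and
# `npm install -g`. URL and package come from SKILL.md; everything else
# (file names, prefix, pattern list) is an assumption for illustration.
set -eu

INSTALLER_URL='https://skills.sh/i/talentclaw'
PACKAGE='@artemyshq/coffeeshop'
PREFIX="${HOME}/.local/coffeeshop"      # assumed per-user install location

# 1. Fetch the installer to a file, never into a shell, and record its
#    digest so the script you review is provably the one you later run.
fetch_installer() {                     # $1=url  $2=destination file
  curl -fsSL --proto '=https' --tlsv1.2 -o "$2" "$1"
  sha256sum "$2"                        # use `shasum -a 256` on macOS
}

# 2. Grep the saved script for constructs that deserve a hard look:
#    nested curl|bash, sudo, eval, decoded payloads, reverse shells,
#    writes into /etc. A hit means "read this line", not "malicious";
#    no hit does not mean safe. Returns 0 when clean, 1 when anything
#    matched (each hit is printed with its line number).
audit_script() {                        # $1=path to the saved script
  hits=0
  while IFS= read -r pat; do
    [ -n "$pat" ] || continue
    if grep -nE -- "$pat" "$1"; then
      hits=$((hits + 1))
    fi
  done <<'EOF'
(curl|wget)[^|]*[|][[:space:]]*(ba|z)?sh
[$][(](curl|wget)
(^|[[:space:];&|])sudo[[:space:]]
(^|[[:space:];&|])eval[[:space:]]
base64[[:space:]]+(-d|--decode)
/dev/tcp/
>[[:space:]]*/etc/
EOF
  [ "$hits" -eq 0 ]
}

# 3. Resolve what the registry says about the package and pull the exact
#    tarball you would install, so the code you inspect is the code you run.
#    `npm pack` prints the tarball file name on its last line.
fetch_package() {                       # prints the tarball file name
  npm view "$PACKAGE" version repository.url dist.tarball >&2
  npm pack "$PACKAGE" | tail -n 1
}

# 4. Lifecycle scripts run arbitrary code the moment you install, global or
#    not. Flag any in the package.json extracted from the tarball.
#    Returns 0 when none are declared, 1 (with the lines printed) otherwise.
audit_package_json() {                  # $1=path to package.json
  if grep -nE '"(preinstall|install|postinstall|prepare)"[[:space:]]*:' "$1"; then
    return 1
  fi
}

extract_package_json() {                # $1=tarball  $2=output path
  tar -xOf "$1" package/package.json > "$2"
}

# 5. Install from the vetted tarball into a per-user prefix instead of
#    `npm install -g`: no sudo, no system-wide PATH changes, and
#    --ignore-scripts keeps any lifecycle hook from running unreviewed.
#    Run the CLI from that prefix (or add $PREFIX/node_modules/.bin to PATH).
install_locally() {                     # $1=vetted tarball
  npm install --prefix "$PREFIX" --ignore-scripts "$1"
  "$PREFIX/node_modules/.bin/coffeeshop" --help
}

# Network steps only when explicitly requested; the audit functions above
# can be used on local files without this.
if [ "${1:-}" = "--run" ]; then
  fetch_installer "$INSTALLER_URL" talentclaw-install.sh
  audit_script talentclaw-install.sh || echo "installer: review the hits above before running it"
  tarball=$(fetch_package)
  extract_package_json "$tarball" coffeeshop-package.json
  audit_package_json coffeeshop-package.json || echo "package: lifecycle scripts declared, read them first"
  echo "When satisfied: install_locally $tarball"
fi
```

If the package genuinely needs a postinstall step to work, read that script and rerun the install without --ignore-scripts once you are satisfied; the point is that the decision is made after reading the code, not by the act of installing it.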

Review Dimensions

Purpose & Capability
ok · Name and description (talent advisor) align with the declared runtime requirements: Node.js plus the Coffee Shop CLI (coffeeshop). The included references, tool docs and CLI usage all relate to profile management, searching, applying and messaging via Coffee Shop, so the requested binaries and files are expected.
Instruction Scope
note · SKILL.md and the scripts instruct the agent/user to register an agent identity, sync a candidate profile, run coffeeshop mcp-server, and write to user config files (e.g., ~/.coffeeshop/config.json and platform MCP config files such as ~/.openclaw/openclaw.json). Those actions are in scope for a skill that acts on behalf of an agent in a talent network, but they create or modify local config and publish agent identity/profile information to the Coffee Shop hub. SKILL.md also recommends a curl -fsSL https://skills.sh/i/talentclaw | bash installation shortcut (see Install Mechanism below).
Install Mechanism
concern · The primary install path is an npm package (@artemyshq/coffeeshop) installed globally via npm install -g in scripts/setup.sh, a common but privileged operation (it may require sudo and changes what is on PATH). SKILL.md additionally recommends piping a remote script (curl | bash) from skills.sh; running an unreviewed remote script is high risk. The npm package comes from a scoped namespace matching the author, which is reasonable, but verify the package's code and reputation before installing it globally and do not run the curl | bash shortcut blindly.
Credentials
ok · The skill requests no environment variables or unrelated credentials. Setup registers an agent identity and writes ~/.coffeeshop/config.json, which is appropriate for connecting to the Coffee Shop network and required for the skill to function. There are no demands for unrelated secrets or broad cloud credentials.
Persistence & Privilege
ok · Skill metadata does not request always: true and does not declare elevated privileges. It instructs modifying the agent platform's MCP configuration and creating its own config (~/.coffeeshop/config.json), which is normal for an agent-integrated CLI. Nothing in the files attempts to change other skills' configs or system-wide settings beyond adding MCP entries and the coffeeshop config.