Skill v1.0.0
ClawScan security
Pokemon · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious (Feb 11, 2026, 8:59 AM)
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's stated purpose (a local CLI wrapper that queries PokéAPI) is coherent, but the package omits the executable/install instructions it expects. This mismatch could cause the agent to try fetching or executing external code if installed manually.
- Guidance: This skill is plausible for looking up Pokémon data (it just queries pokeapi.co), but the package is incomplete: it refers to a local 'pokemon' CLI/script that is not included. Before installing or running anything:
  1) Ask the publisher to provide the executable or a formal install spec, or include the script in the skill package.
  2) If you follow the README to git clone the GitHub repo, inspect the repo's scripts first (open the scripts/pokemon file) to verify there is no unexpected network contact, credential collection, or destructive commands.
  3) Prefer to run the CLI in a sandbox or VM the first time.
  4) Confirm that network calls go only to pokeapi.co (and known raw.githubusercontent.com assets, if present) and that no environment secrets are required.
  If you cannot verify the remote repo or the script contents, do not run unknown executables on a production machine.
Review Dimensions
- Purpose & Capability (concern): The skill describes a local CLI wrapper (commands like `pokemon`, script paths `{skill_folder}/pokemon` and `scripts/pokemon`) and the README shows cloning a GitHub repo, but the package contains only README.md and SKILL.md (no script/executable or install spec). Required binaries (bash, curl, jq) are reasonable for calling the PokéAPI, but the missing wrapper is an incoherence: either the package should include the CLI or the SKILL.md should show how to call the API directly.
- Instruction Scope (note): Runtime instructions only call the local `pokemon` CLI and the PokéAPI (pokeapi.co). They do not request unrelated files, credentials, or other system data. However, because the SKILL.md expects a local executable that isn't present in the package, whoever installs may be instructed (by the README) to clone a remote repo and run chmod, introducing an implicit step that isn't part of the packaged instructions.
- Install Mechanism (note): There is no install spec in the package (lowest-risk form). The README suggests cloning https://github.com/jeffaf/pokemon-skill.git and making scripts executable; that is a manual download from an external source. If a user follows those steps, they will run arbitrary code from that GitHub repo. This is reasonable if the repo is trusted, but the skill package should have been self-contained or provided a verified install source.
- Credentials (ok): No environment variables, credentials, or config paths are requested. This is proportional to the stated purpose (public PokéAPI access requires no auth).
- Persistence & Privilege (ok): The skill does not request `always: true` and does not require persistent privileges. It allows autonomous invocation (platform default), which is expected for skills.
