Skill v1.0.1
ClawScan security
Listonic · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 15, 2026, 8:42 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, instructions, and requirements line up with its stated purpose (an unofficial CLI for Listonic); it asks for local tokens/passwords and performs network calls to Listonic endpoints, which is expected for this functionality.
- Guidance: This skill appears to do what it says: a local CLI that talks to Listonic and stores your auth in ~/.openclaw/credentials/listonic/config.json. Before installing: (1) Prefer the token/refreshToken mode rather than supplying your email/password. (2) Be aware tokens (and rotated refresh tokens) are saved in plaintext at the given path; avoid placing them on shared machines. (3) Inspect the bundled scripts yourself if you want to confirm network endpoints; the code calls Listonic domains and includes a hard-coded client_id/client_secret and a non-Listonic redirect URI (likely from reverse-engineering). (4) If you are uncomfortable giving credentials, do not add them; the tool cannot work without valid credentials.
Review Dimensions
- Purpose & Capability (ok): Name/description (manage Listonic lists) match the included Python CLI and shell wrapper. Required binary is python3, and the skill reads/writes a per-skill config file for tokens/passwords, all consistent with an API client.
- Instruction Scope (ok): SKILL.md instructs creating a local config at ~/.openclaw/credentials/listonic/config.json and running the provided scripts. The runtime instructions and the code operate only on that config path and the Listonic API; they do not request unrelated system files or external endpoints unrelated to Listonic functionality.
- Install Mechanism (ok): No external install/downloads are performed. This is an instruction-only skill with bundled code files executed locally. No remote installers, package downloads, or archive extraction are used.
- Credentials (note): The skill requests no environment variables, only a local credentials file (token or email/password). It persistently stores tokens (including rotated refresh tokens) in plaintext at ~/.openclaw/credentials/listonic/config.json (expected for a client, but something users should be aware of). The code includes a hard-coded default client_id/client_secret and a default redirect URI; embedding these values is plausible for a reverse-engineered web client but worth noting.
- Persistence & Privilege (ok): always is false and the skill only writes to its own config path. It auto-refreshes and persists tokens for convenience; it does not request system-wide settings or other skills' credentials.
