Skill v1.0.2

ClawScan security

Talentir HumanPay · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 11, 2026, 2:40 PM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill's requirements and runtime instructions are consistent with a payment integration for Talentir; nothing requested is out of proportion to the stated purpose — but because it can create real payouts you should treat the API key and agent autonomy carefully.
Guidance
This skill appears to do what it says: call Talentir's API to create payouts. Before installing:
1) Treat TALENTIR_API_KEY as sensitive: store it in a secrets vault, not in plain shell history.
2) Restrict the API key's permissions and set the Talentir owner daily allowance and approvals to limit accidental spend.
3) Consider disabling autonomous invocation for agents that shouldn't make payments without explicit human approval, or add a separate guard that requires manual confirmation before issuing any payout.
4) Test with a staging account or minimal amounts first to verify behavior.
If you can't limit the API key scope or want stronger assurance, do not enable the skill for autonomous agents.
Findings
[no_regex_findings] expected: No code files present; the regex scanner had nothing to analyze. This is expected for an instruction-only curl-based integration.

Review Dimensions

Purpose & Capability
ok: Name, description, required binaries (curl, jq), and TALENTIR_API_KEY all match a simple HTTP API integration for creating payouts. No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
note: SKILL.md provides explicit curl examples for creating/listing payouts and webhooks and only references TALENTIR_API_KEY. It does not instruct reading unrelated files or secrets. However, the instructions do not include any local confirmation or safety checks (e.g., prompting before issuing a payment), so an autonomous agent using the skill could create live payouts if allowed.
Install Mechanism
ok: Instruction-only skill with no install spec and no code to write to disk; this is the lowest-risk installation model.
Credentials
ok: Only TALENTIR_API_KEY is required, and it is the declared primary credential. No additional secrets or unrelated environment variables are requested.
Persistence & Privilege
note: always is false (normal). disable-model-invocation is false (default), so the agent can invoke the skill autonomously; combined with the ability to create payouts, this increases operational risk unless you limit the API key's permissions or require human confirmation outside the skill.