Skill v1.0.0

ClawScan security

Privacy Cards · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Feb 11, 2026, 8:59 AM
Verdict
suspicious
Confidence
high
Model
gpt-5-mini
Summary
The skill's instructions match a Privacy.com integration, but the package metadata fails to declare the required API credential (PRIVACY_API_KEY) and therefore the bundle is internally inconsistent — proceed with caution.
Guidance
This skill's instructions legitimately use Privacy.com APIs, but the package metadata omits the required PRIVACY_API_KEY — that's an internal inconsistency you should question before installing. Do not provide a production API key unless you trust the skill owner. Prefer testing with a sandbox key first, and only grant least-privilege credentials needed. Ask the publisher why the metadata doesn't declare the required env var and whether the skill stores or transmits your key anywhere beyond api.privacy.com. Monitor and rotate keys if you test or use this skill; avoid giving enterprise-level keys that return PAN/CVV unless absolutely necessary.

Review Dimensions

Purpose & Capability
concern: The SKILL.md accurately describes Privacy.com card management and shows curl examples against api.privacy.com; that matches the stated purpose. However the registry metadata does not declare the API key (PRIVACY_API_KEY) as a required environment variable or primary credential even though the runtime instructions require it. This mismatch is an incoherence between declared requirements and actual capability.
Instruction Scope
ok: The runtime instructions are narrowly scoped to calling Privacy.com endpoints (create/list/update cards, query transactions, webhook verification). They do not instruct reading unrelated files, system paths, or contacting external endpoints outside the official Privacy.com domains. Examples correctly note sandbox vs production differences.
Install Mechanism
ok: No install spec and no code files are present (instruction-only). This is low-risk from an installation perspective because nothing will be downloaded or written to disk by an installer.
Credentials
concern: The instructions require a PRIVACY_API_KEY (sensitive financial API key) but the registry metadata lists no required env vars or primary credential. Requesting an API key to manage virtual cards is proportionate to the skill's purpose, but omitting that requirement from metadata is a red flag: it makes it unclear how the agent runtime will be authorized or how the key will be supplied/used. The API key grants control over payment instruments and potentially access to transaction data and, with higher privileges, PAN/CVV — so ensure only the minimum-privilege key is used (prefer sandbox for testing).
Persistence & Privilege
note: always:false (normal). The skill is user-invocable and model invocation is allowed (default). While autonomous invocation is standard, pairing autonomous invocation with access to a financial API increases potential impact if the key is provided — verify trust in the skill and owner before granting credentials.