Skill v1.0.0
ClawScan security
Quack Coordinator · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign, Feb 27, 2026, 12:15 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, instructions, and required credential file are consistent with a coordinator for an external service (Quack) and do not request unrelated privileges, but using it will transmit task data and an API key to an external domain, so treat the key and any sensitive task content carefully.
- Guidance: This skill appears to do what it says: run the provided Node scripts, which read an API key file and call https://quack.us.com to post RFPs, bids, and hires. Before installing or running:
  1. Verify the Quack service domain (quack.us.com) and that you trust it.
  2. Store a minimal-scope API key and avoid putting highly sensitive data in task descriptions (anything you include will be sent to the remote service).
  3. Keep the key in a secure location (consider file permissions or secret storage) and rotate/revoke it if compromised.
  4. Ensure your runtime environment uses a recent Node with secure TLS.
  5. If you need higher assurance, inspect network traffic or sandbox script execution before giving the skill access to real credentials or confidential content.
Review Dimensions
- Purpose & Capability (ok): Name/description (RFP → Bid → Hire) match the included scripts and SKILL.md. The scripts call endpoints on a single domain (quack.us.com) and read a Quack API key from ~/.openclaw/credentials/quack.json as documented.
- Instruction Scope (note): SKILL.md and scripts stay within the stated purpose (posting RFPs, bidding, hiring). They do instruct storing/reading an API key from a specific home-directory path (~/.openclaw/credentials/quack.json) and will send task text and budget/pricing to the remote API; this is expected, but it means any task content will leave the host.
- Install Mechanism (ok): No install spec; this is instruction-only plus small Node scripts. Nothing is downloaded or installed automatically by the skill bundle itself.
- Credentials (note): No environment variables or unrelated credentials are requested. The single credential (apiKey in a JSON file under the user's home) is proportionate to the remote API use, but storing a plaintext key on disk and allowing scripts to read it is a sensitive operation; keys should be scoped and rotated.
- Persistence & Privilege (ok): The skill is not always-enabled and is user-invocable. It does not request system-wide configuration changes or elevated privileges.
