Skill v0.1.0

ClawScan security

Schedule and publish posts to X and Threads from your AI agent · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 12, 2026, 10:27 AM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill's code, instructions, and required environment variable are consistent with a PostStash social-post scheduling integration and do not request unrelated credentials or perform unexpected actions.
Guidance
This skill appears to be what it claims: it will use whatever POSTSTASH_API_KEY you provide to schedule and query posts via PostStash (requests go to https://poststash.com/api). Before installing, ensure you trust PostStash and use a dedicated API key with the minimum permissions you need. Treat the key like a secret (do not paste it into chat or public repos), monitor activity tied to the key, and be prepared to revoke it if you see unexpected posts. Note that the agent (if given permission) can invoke the skill to post on your behalf, so limit agent autonomy or review prompts if you want manual control over publishing.

Review Dimensions

Purpose & Capability
ok: Name/description match the code and SKILL.md: all tools call the PostStash API and require only POSTSTASH_API_KEY. No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
ok: SKILL.md only instructs obtaining and setting POSTSTASH_API_KEY and how to call the provided tools. Runtime code only performs HTTP requests to poststash.com and does not read other environment variables, system files, or transmit data to unexpected endpoints.
Install Mechanism
ok: No install spec is provided (lowest risk). The package includes TypeScript source but does not download or execute code from third-party URLs at runtime. Network calls target the documented poststash.com API.
Credentials
ok: Only a single API key (POSTSTASH_API_KEY) is required, which is proportional to scheduling/publishing posts. The code uses that key only to authenticate requests to the documented API.
Persistence & Privilege
ok: always is false and the skill does not request elevated or persistent system privileges. Autonomous invocation is allowed (platform default) but that is expected for a posting tool.