Back to skill
Skillv0.1.0
ClawScan security
Model Usage · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignFeb 17, 2026, 8:46 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's code, instructions, and requirements are internally consistent with its stated purpose of summarizing CodexBar local cost logs; nothing in the bundle requests unrelated credentials or hidden exfiltration.
- Guidance
- This skill appears to do what it says: run the CodexBar CLI or parse a CodexBar JSON export and summarize per-model costs. Before installing, confirm you trust the Homebrew tap (steipete/tap) used to install codexbar, since third-party taps have higher supply-chain risk than official packages. Also note that CodexBar itself will read local cost logs under your home directory (as documented) when you run it — if you don't want that, run the bundled Python script on an exported JSON file instead. If you'd like greater assurance, review the upstream codexbar source or the installed cask before installing.
Review Dimensions
- Purpose & Capability
- okName/description ask for per-model cost summaries from CodexBar; the skill only requires the codexbar CLI and a Python script that calls 'codexbar cost' or reads a provided JSON file. Required binaries and OS restriction (darwin) match the stated purpose.
- Instruction Scope
- okSKILL.md and the script stay on-topic: they run 'codexbar cost --format json --provider', accept file/stdin input, parse local cost JSON, and render summaries. The instructions do not direct the agent to read unrelated system files or network endpoints.
- Install Mechanism
- noteInstall uses a Homebrew cask from the steipete/tap (third-party) tap. This is expected to install the codexbar binary but carries the usual trust considerations for third-party brew taps (moderate supply-chain risk compared to official packages).
- Credentials
- okThe skill declares no environment variables, no credentials, and the code does not attempt to read undisclosed env vars. Access to local cost logs is performed indirectly via the codexbar CLI or user-supplied JSON, which is appropriate for the task.
- Persistence & Privilege
- okSkill is not always-enabled and does not request persistent system-wide privileges. It does not modify other skills or global agent config.