Skill v1.0.0
ClawScan security
Clay · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 16, 2026, 3:14 PM
- Verdict: Benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill is coherent with its stated purpose (wrapping the Clay CLI) but has small metadata inconsistencies you should be aware of before installing or trusting its CLI and config file.
- Guidance: This skill is essentially documentation for the official Clay CLI. Before installing or using it: (1) confirm you trust the @clayhq/clay-cli npm package (check the package page, publisher, and downloads) if you plan to install it; (2) be aware that `clay login` opens a browser OAuth flow and stores tokens in ~/.config/clay.json; inspect that file and its permissions if you care about token storage; (3) the registry metadata omitted the install spec while SKILL.md includes it, so verify which install method your agent will actually run; (4) review the OAuth scopes presented during login so you understand what account data the CLI can access. If you only want to read contact data, consider whether you need to grant full access before proceeding.
Review Dimensions
- Purpose & Capability (note): The name and description match the runtime instructions: the SKILL.md only instructs using the clay CLI to manage contacts. Requiring the 'clay' binary is appropriate. Minor inconsistency: the registry metadata reported no install spec, but the SKILL.md metadata includes an npm install recommendation (@clayhq/clay-cli). This is plausible but inconsistent between the registry fields and the embedded SKILL.md metadata.
- Instruction Scope (ok): Instructions are narrowly scoped to running clay CLI commands (search, create, update, list). They instruct interactive OAuth login (`clay login`) and normal CLI operations. The SKILL.md notes that credentials are stored at ~/.config/clay.json; the skill will therefore read and write a per-user config file, which is expected for an OAuth-based CLI.
- Install Mechanism (note): There is no install spec in the registry entry, but the SKILL.md contains an install entry pointing to the npm package @clayhq/clay-cli, which would install the 'clay' binary. Installing via a well-known public npm package is a typical and reasonable mechanism, but the mismatch between the registry (no install) and SKILL.md (npm) is worth verifying.
- Credentials (ok): The skill declares no required environment variables or primary credential. That aligns with the SKILL.md, which uses OAuth via the browser and stores tokens locally. There are no requests for unrelated secrets or system-wide credentials.
- Persistence & Privilege (ok): The skill does not request always:true and uses the normal autonomous invocation defaults. The only persistent artifact noted is the CLI's credential file (~/.config/clay.json), which is expected for a login-capable CLI and is limited to the user's home config.
