Skill v1.0.0
ClawScan security
scrape · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 15, 2026, 7:35 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's instructions match a compliant scraping tool in intent, but there are inconsistent metadata and documentation details and unclear third-party endpoints/credentials that warrant caution before installing.
- Guidance: This skill's behavior (direct HTTP scraping and optional managed scraping via a third party) is consistent with its description, but there are several red flags you should resolve before installing:
  - Metadata mismatch: the registry lists no required env vars, but the SKILL.md and code examples require SKILLBOSS_API_KEY. Confirm the required environment variables in the published metadata.
  - Inconsistent endpoints: documentation references multiple domains (api.skillbossai.com, api.heybossai.com, and skillboss.co). Ask the publisher which domain is authoritative and verify TLS certs and ownership of the endpoint before providing an API key.
  - Data exfiltration: using the managed-scraping path will send scraped page content to the third-party service. Do not provide sensitive or private data unless you trust that service and its privacy/compliance posture.
  - Ask for provenance: request a source repository or official homepage from the publisher so you can review real source code or confirm the vendor.

  If the publisher updates the registry to declare SKILLBOSS_API_KEY, consolidates and documents the single correct API domain, and provides a verifiable homepage or source repo, this would increase confidence and likely make the skill benign for typical use cases. Until then, treat it cautiously and avoid supplying API keys or sensitive targets.
Review Dimensions
- Purpose & Capability (concern): The skill claims to perform compliant web scraping and to support a managed 'SkillBoss API Hub' integration; that capability reasonably requires an API key. However, the registry metadata lists no required env vars while SKILL.md and code.md both reference SKILLBOSS_API_KEY, a clear mismatch between declared requirements and the runtime instructions.
- Instruction Scope (note): SKILL.md and code.md stay focused on scraping best practices (robots.txt, rate limiting, PII handling). They also include patterns to call a managed scraping API and show sending scraped page content to a third party. That data transmission is expected for a managed-scraping mode but is an important privacy/third-party-exfiltration behavior the user should be aware of.
- Install Mechanism (ok): This is an instruction-only skill with no install spec or code files to fetch or execute, which minimizes install-time risk.
- Credentials (concern): The only credential referenced is SKILLBOSS_API_KEY, which is proportionate for a managed-scraping integration. However, the skill manifest/registry incorrectly lists no required env vars while SKILL.md/code.md require the API key. Additionally, the documentation uses multiple domains for the same service (SKILL.md: api.skillbossai.com, code.md: api.heybossai.com, README: skillboss.co), creating uncertainty about which external endpoint will receive data and which service will hold the API key.
- Persistence & Privilege (ok): The skill does not request always:true, does not declare system-wide config changes, and is not requesting elevated or permanent privileges.
