Skill v4.0.0
ClawScan security
Vikunja-complete · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 12, 2026, 6:29 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's requests and included scripts align with a Vikunja CLI integration: it only needs curl/jq plus a Vikunja URL and API token, and it performs API calls against the declared Vikunja host.
- Guidance: This package appears to do what it says: a deterministic CLI for Vikunja that will call the Vikunja API. Before enabling it: (1) provide a VIKUNJA_TOKEN with only the minimum permissions needed (consider creating a scoped or test-only token); (2) if you want to validate behavior, run the included smoke test against a non-production Vikunja instance, since the smoke test creates projects, tasks, labels and tokens; (3) review the included vikunja.sh script yourself to confirm that no unexpected network endpoints or persistence mechanisms are present; and (4) because the skill author is not a known publisher in the metadata, prefer running it in a sandbox or with limited credentials until you are comfortable with it.
Review Dimensions
- Purpose & Capability (ok): Name and description match behavior: the skill implements a CLI wrapper (vikunja.sh) that talks to the Vikunja API. The required binaries (curl, jq) and required env vars (VIKUNJA_URL, VIKUNJA_TOKEN) are consistent with that purpose.
- Instruction Scope (note): SKILL.md and the included scripts constrain operations to the Vikunja API (tasks, comments, labels, attachments, webhooks, tokens, etc.). The optional smoke test will create and modify resources (projects, tasks, labels, tokens) on the target Vikunja instance. This is expected for an integration, but it is state-modifying, so run it against a test instance or with a limited-scope token if you want to avoid side effects.
- Install Mechanism (ok): No external install or download spec is present; the package is instruction- and script-based. Nothing is downloaded or extracted from a remote URL during install, which lowers supply-chain risk.
- Credentials (ok): Only VIKUNJA_URL and VIKUNJA_TOKEN (plus optional retry env vars) are required. These are appropriate and proportionate for an API client. Note that VIKUNJA_TOKEN is sensitive: it grants access to the target instance with whatever permissions the token carries.
- Persistence & Privilege (ok): The skill is not marked always:true and does not request elevated platform persistence. It does not modify other skills or system-wide configs; autonomous invocation is allowed at the platform default level, which is not an additional concern here.
