v0.1.0

Post.at Tracking

Benign. ClawScan verdict for this skill. Analyzed May 1, 2026, 4:45 AM.

Analysis

The skill is a coherent post.at CLI reference, but it uses postal account credentials and can change package delivery instructions, so users should confirm sensitive actions.

Guidance: This looks like a normal instruction-only helper for the post.at CLI. Before using it, make sure the `post-at` executable is the trusted one, keep your postal account credentials secure, and do not let the agent change delivery-place settings unless you have explicitly approved the tracking number and location.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium, Confidence: High, Status: Note
SKILL.md
Set all upcoming deliveries to door:
```bash
# First list deliveries
post-at deliveries --json > /tmp/deliveries.json

# Then set place for each (requires scripting)
# Example for a specific one:
post-at routing place 1042348411302810212306 \
```

The skill documents commands that can change delivery-place routing, including a bulk-oriented workflow. This matches the stated purpose, but it affects where physical packages may be left.

User impact: A mistaken or overbroad routing change could cause packages to be left in an unintended or less secure location.
Recommendation: Require explicit user confirmation before any `routing place` command, especially bulk changes, and verify tracking numbers and delivery location text before running.

Agentic Supply Chain Vulnerabilities
Severity: Low, Confidence: Medium, Status: Note
SKILL.md
homepage: https://github.com/krausefx/post-at-cli
...
```bash
post-at login
```

The skill is instruction-only and invokes an external `post-at` command, while the provided artifacts include no install spec or CLI code. This is not suspicious by itself, but users should verify the external CLI provenance.

User impact: Installing or running the wrong external CLI could expose post.at credentials or delivery data.
Recommendation: Install the CLI only from the intended trusted source and verify the executable before using it with postal account credentials.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium, Confidence: High, Status: Note
SKILL.md
requires your own account credentials.

Credentials: `POST_AT_USERNAME` and `POST_AT_PASSWORD` environment variables (or `--username` / `--password` options).

The skill requires the user's post.at account credentials to access delivery information. This is expected for the integration, but it is sensitive account authority and is not reflected in the registry's credential/env-var declarations.

User impact: The CLI can access private delivery details under the user's postal account.
Recommendation: Use only with the intended post.at CLI, keep credentials out of chat/history where possible, and store environment variables securely.