Skill v1.0.2
ClawScan security
Threat Assessment Defense Guide · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 16, 2026, 3:11 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill mostly behaves like an API-backed threat-assessment tool (only needing curl and a single API key) but contains inconsistencies and a risky test script (different host and curl -k) that do not fully align with a straightforward, trustworthy implementation.
- Guidance: This skill is plausible for its stated purpose, but exercise caution before installing. Key points to check before use:
  - Confirm the real API endpoint and owner: SKILL.md and README reference portal.toolweb.in and an API path, but the included test script posts to hub.toolweb.in/security/… — ask the publisher why two different hosts are used and which is authoritative.
  - Avoid using a long-lived, highly privileged API key until you trust the service. Use an ephemeral or scoped key if possible and monitor usage/billing in the ToolWeb portal.
  - The test script uses curl -k (skips TLS certificate validation). That weakens transport security and could enable MITM; do not run scripts that skip cert verification without understanding why. Prefer endpoints with valid TLS and remove -k.
  - Recognize that the skill requires sending organization and asset details to an external service. If those inputs include sensitive or regulated data (PHI, PCI, secrets), do not send them without appropriate contracts and data-handling assurances.
  - If you proceed, validate the service by: contacting the maintainer (email in README), checking the TLS certificate and domain ownership of portal.toolweb.in/hub.toolweb.in, performing a test with non-sensitive data, and monitoring network/API calls.

  Given the domain inconsistency and the insecure curl usage in the test script, treat this skill as suspicious until those issues are clarified.
Review Dimensions
- Purpose & Capability (ok): The name/description ask for threat assessments and the skill only requires curl and an API key (TOOLWEB_API_KEY), which is proportionate for an API-backed service. Requesting a single service API key fits the stated purpose.
- Instruction Scope (concern): SKILL.md insists the agent must always call the external ToolWeb API and never answer from its own knowledge, and instructs sending user-provided context (industry, assets, threat types) to that endpoint. Sending user/org details to an external service is expected for a remote analysis service, but users should be aware this transmits potentially sensitive information. Additionally, the included test script targets a different host (hub.toolweb.in) than the SKILL.md examples (portal.toolweb.in/apis/...), which is a troubling inconsistency.
- Install Mechanism (ok): No install spec — instruction-only skill — so nothing is written to disk at install time beyond the SKILL.md and small script. This is low-risk in itself.
- Credentials (note): Only one required environment variable (TOOLWEB_API_KEY) is declared and used, which is proportionate. However, because the skill mandates external API calls for every request, that API key will be sent to a third-party service; users should ensure they trust the service and the key's permissions and billing implications.
- Persistence & Privilege (ok): The skill is not always-enabled and doesn't request system-level config paths or modify other skills. It has normal invocation privileges for an OpenClaw skill.
