Skill v1.0.3
ClawScan security
Outlit · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign (Apr 11, 2026, 11:24 PM)
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill is internally consistent: it simply wraps the Outlit CLI/MCP, asks for the expected OUTLIT_API_KEY, and declares standard install options (npm/brew); nothing in the instructions or requirements is disproportionate to that purpose.
- Guidance: This skill looks coherent with its description. Before installing: 1) Verify the npm package and Homebrew tap are the official Outlit distribution (check the vendor's docs and package/tap pages). 2) Use a least-privilege, rotatable OUTLIT_API_KEY and avoid reusing highly privileged keys. 3) Be mindful that CLI outputs may contain customer PII — limit what the agent is allowed to transmit externally. 4) If you allow autonomous agent invocation, consider policies or reviews for actions that access customer data. Overall this skill appears to be what it claims, but standard supply-chain and credential hygiene still apply.
Review Dimensions
- Purpose & Capability (ok): Name/description say this integrates with Outlit customer intelligence and the skill requires the 'outlit' CLI plus OUTLIT_API_KEY. Both the declared binary and primary environment variable directly match the stated purpose and are appropriate for a CLI-based integration.
- Instruction Scope (ok): SKILL.md instructs the agent to use the outlit CLI or MCP endpoints, lists specific commands, and describes auth precedence. It does not instruct reading unrelated system files, harvesting other credentials, or sending data to unexpected endpoints.
- Install Mechanism (ok): Install options are an npm package (@outlit/cli) and a Homebrew formula (outlitai/tap/outlit). These are standard mechanisms for distributing a CLI; no downloads from ad-hoc URLs or extract-from-unknown-host behavior is declared.
- Credentials (ok): Only OUTLIT_API_KEY is required and declared as the primary credential. The SKILL.md's auth resolution (cli flag, env var, stored credentials) matches normal CLI behavior and there are no unrelated secrets requested.
- Persistence & Privilege (ok): always is false and the skill does not request system-wide config changes. The skill can be invoked autonomously by the agent (platform default), which is expected for an integration skill and not by itself a concern.
