Skill v2.1.0
ClawScan security
Ask Leonidas — LEONIDAS Prompt Generator · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 14, 2026, 9:20 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill appears to do what it claims (call Ask Leonidas to generate prompts) and the code is generally consistent, but the registry metadata disagrees with the runtime instructions, and the browser fallback described in SKILL.md does not match what the code implements. Review before installing.
- Guidance: This skill generally looks like a legitimate API client for Ask Leonidas, but two inconsistencies should be addressed before trusting automated use. (1) The registry metadata claims no required env vars, while SKILL.md and the scripts require ASK_LEONIDAS_API_BASE and ASK_LEONIDAS_API_KEY; provide only an API key you trust, and have the registry metadata corrected. (2) SKILL.md documents a browser-fill fallback (DOM interactions), but the code only opens the fallback page in the system browser; if you enable an agent that can perform browser automation, confirm exactly what automation it will run, and do not give it access to a logged-in browser profile unless you intend that. Additional practical steps: run healthcheck.py and smoke_test.sh locally with a throwaway API key to observe behavior, verify that the skill never prints the API key (the code does not), and grant the minimum-scoped API key possible. If you need higher assurance, ask the publisher to fix the metadata and to either implement or remove the described DOM-automation fallback so that SKILL.md and the code match.
Review Dimensions
- Purpose & Capability
- note: The skill's name, description, and code all align with a prompt-generation API client: the scripts call askleonidas.com, expect an API key, and return a generated prompt. However, the registry metadata at the top of the submission lists no required environment variables, while SKILL.md and the code both require ASK_LEONIDAS_API_BASE and ASK_LEONIDAS_API_KEY. That metadata mismatch should be resolved before trusting automated installation or policy checks.
- Instruction Scope
- note: SKILL.md instructs the agent to call the included helper script (ask_leonidas.py) and, on API failure, to fall back to browser automation (fill #openclaw-pain-point, click #openclaw-submit, wait for #openclaw-result). The provided Python fallback (open_browser_fallback) only opens the page in the system browser; it does not perform DOM interactions or automated form filling. This is a behavioral mismatch: SKILL.md implies automated browser interaction, and the code does not implement it. Otherwise, the runtime instructions are narrowly scoped to generating prompts and error handling, do not request unrelated files, and explicitly forbid exposing the API key in output.
- Install Mechanism
- ok: No install spec is provided (instruction- and script-only). The skill includes Python scripts and a shell smoke test but does not fetch remote code during install. This is lower risk from an install-mechanism perspective.
- Credentials
- note: The environment variables required by SKILL.md and the scripts (ASK_LEONIDAS_API_BASE, ASK_LEONIDAS_API_KEY, and optional timeout/source/version settings) are reasonable and proportionate for a client that calls a hosted API. The inconsistency is that the registry metadata at the top claims 'Required env vars: none' while the skill actually needs an API base and a bearer key; this is likely a packaging/metadata error, but it could mislead users or automated gating systems.
- Persistence & Privilege
- ok: The skill does not request permanent platform presence (always: false) and does not modify other skills or system-wide settings. It does perform outbound network requests to askleonidas.com when executed, which is expected for its function.
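The Purpose & Capability, Instruction Scope and Credentials findings above are all the same class of problem: what the registry metadata declares, what SKILL.md tells the agent to do, and what the scripts actually do are out of step. The following added example (written for this review; it is not the skill's or ClawHub's own code) is a small consistency check over those three artifacts. It collects env vars read by scripts through os.environ/os.getenv and named in SKILL.md, compares them against the metadata's declared list, and checks whether each DOM selector SKILL.md mentions appears anywhere in the shipped scripts. The metadata dict, SKILL.md text and script source are constructed fragments modelled on the review's description (including a hypothetical ASK_LEONIDAS_TIMEOUT variable), not the real files, and the metadata field names required_env and optional_env are assumptions.

```python
"""Declared-vs-documented-vs-implemented consistency check for a skill
(added example for this review; not code from the skill or ClawHub).

Finds env vars the skill reads or documents but does not declare, and DOM
selectors that SKILL.md tells the agent to use but no script references.
"""
import re

# os.environ["X"], os.environ.get("X"), os.getenv("X")
ENV_IN_CODE = re.compile(
    r"""os\.(?:environ(?:\.get)?\s*[\[(]|getenv\s*\()\s*["']([A-Z][A-Z0-9_]+)["']""")
# UPPER_SNAKE_CASE tokens in prose, e.g. ASK_LEONIDAS_API_KEY
ENV_IN_TEXT = re.compile(r"\b[A-Z][A-Z0-9]*(?:_[A-Z0-9]+)+\b")
# CSS id selectors such as #openclaw-submit (a "# " markdown heading does not match)
SELECTOR = re.compile(r"(?<![\w&])#([A-Za-z_][\w-]*)")


def env_vars_in_code(src: str) -> set:
    return set(ENV_IN_CODE.findall(src))


def env_vars_in_text(md: str) -> set:
    return set(ENV_IN_TEXT.findall(md))


def selectors_in_text(md: str) -> set:
    return set(SELECTOR.findall(md))


def audit(metadata: dict, skill_md: str, scripts: dict) -> dict:
    """Compare registry metadata, SKILL.md and script sources.

    metadata: the registry record; required_env/optional_env are assumed
              field names for the declared environment variables.
    scripts:  {path: source} for every script shipped with the skill.
    """
    declared = set(metadata.get("required_env", [])) | set(metadata.get("optional_env", []))
    used = env_vars_in_text(skill_md)
    for src in scripts.values():
        used |= env_vars_in_code(src)
    code_blob = "\n".join(scripts.values())
    return {
        "undeclared_env": sorted(used - declared),
        "unimplemented_selectors": sorted(
            s for s in selectors_in_text(skill_md) if s not in code_blob),
    }


# Constructed fragments modelled on the review's description; not the real files.
METADATA = {"name": "ask-leonidas", "version": "2.1.0",
            "required_env": [], "always": False}

SKILL_MD = """\
# Ask Leonidas
Set ASK_LEONIDAS_API_BASE and ASK_LEONIDAS_API_KEY, then run scripts/ask_leonidas.py.
Never print ASK_LEONIDAS_API_KEY in output.
If the API call fails, fall back to the browser: fill #openclaw-pain-point,
click #openclaw-submit and wait for #openclaw-result.
"""

SCRIPTS = {
    "scripts/ask_leonidas.py": '''
import os, webbrowser
BASE = os.environ["ASK_LEONIDAS_API_BASE"]
KEY = os.environ["ASK_LEONIDAS_API_KEY"]
TIMEOUT = int(os.getenv("ASK_LEONIDAS_TIMEOUT", "30"))  # hypothetical optional var

def open_browser_fallback(url):
    """Only opens the page; no form filling happens here."""
    webbrowser.open(url)
''',
}

if __name__ == "__main__":
    for finding, items in audit(METADATA, SKILL_MD, SCRIPTS).items():
        print(f"{finding}: {items or 'none'}")
```

Against the constructed inputs the audit reports all three ASK_LEONIDAS_* variables as undeclared and all three openclaw selectors as unimplemented, which is exactly the pair of mismatches the verdict describes; once the metadata declares the variables, only the selector finding remains, and that one goes away only if the publisher either implements the DOM fallback or removes it from SKILL.md.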
