Skill v1.0.0
ClawScan security
WorkIQ · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign (Mar 4, 2026, 3:50 AM)
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's requests and runtime instructions align with its stated purpose (invoking the WorkIQ CLI to query Microsoft 365 data); no unrelated credentials or suspicious install sources are requested, though the SKILL.md suggests using npx which will run remote code unless the CLI is installed locally.
- Guidance: This skill is coherent with its stated purpose, but review these practical points before installing: 1) The skill runs the WorkIQ CLI locally (or via npx). If you don't already trust the @microsoft/workiq package, prefer to install a vetted version yourself (npm install -g @microsoft/workiq) instead of using npx, which executes remote code on-demand. 2) Authentication is interactive: the agent cannot complete the sign-in for you — you'll need to run workiq ask manually to sign in and accept the EULA. 3) The skill does not request extra credentials, but when you run the CLI it will access Microsoft 365 data that the signed-in account can see—install and run only if you trust the CLI and the environment. 4) Note the small name mismatch between the registry entry and SKILL.md ("WorkIa" vs "workiq"); that's likely a metadata typo but verify you are installing the expected skill.
Review Dimensions
- Purpose & Capability (ok): The skill states it queries Microsoft 365 via the WorkIQ CLI and the instructions require either the 'workiq' binary or 'npx' to run @microsoft/workiq. Those requirements match the described capability. Minor inconsistency: registry name appears as "WorkIa" while SKILL.md and metadata use 'workiq'.
- Instruction Scope (ok): SKILL.md only instructs the agent to run the WorkIQ CLI (or npx fallback), accept EULA, and handle common CLI errors. It does not ask the agent to read unrelated files, environment variables, or send data to third-party endpoints. It correctly notes that interactive sign-in is required and that the user must complete it manually if prompted.
- Install Mechanism (note): There is no install spec in the registry (instruction-only). The doc recommends 'npm install -g @microsoft/workiq' or using 'npx -y @microsoft/workiq' as a fallback. Installing from npm or invoking via npx is expected for this CLI; however, npx runs remote package code on demand, which increases transient execution risk compared with a preinstalled, pinned binary.
- Credentials (ok): The skill declares no required environment variables or credentials. This is proportionate: authentication is delegated to the WorkIQ CLI's interactive sign-in flow and to whatever account the user has already authenticated with.
- Persistence & Privilege (ok): The skill is not marked 'always' and does not request persistent system configuration. It will invoke local CLI binaries via exec when used. Allowing the agent to invoke the skill autonomously is platform-default; there are no additional elevated privileges requested.
