v1.0.2

Pangolinfo Amazon Scraper

Review: ClawScan verdict for this skill. Analyzed May 1, 2026, 8:18 AM.

Analysis

This appears to be a legitimate Pangolin Amazon scraper, but it asks the agent to handle and permanently cache Pangolin credentials in ways users should review carefully.

Guidance: Install only if you are comfortable giving this skill access to a Pangolin account/API key and storing that key at ~/.pangolin_api_key. Use an API key rather than a password, avoid pasting secrets into chat or shell history, monitor Pangolin credit usage, and remove or revoke the cached key when you no longer need the skill.

Findings (2)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Human-Agent Trust Exploitation
Severity: Medium; Confidence: Medium; Status: Concern
SKILL.md
Write it directly to the cache file — avoids shell history entirely:
```bash
echo "<api_key>" > ~/.pangolin_api_key
```
...
This avoids passwords appearing in shell history

The documentation presents literal-secret shell commands as fully history-safe; depending on how the commands are run, secrets may still be captured in shell history, terminal logs, agent transcripts, or tool logs.

User impact: Users could be more willing to paste credentials into chat or shell commands under an overstated safety claim.
Recommendation: Avoid literal credentials in shell snippets; instruct users to use secure secret entry, environment injection, or a credential manager, and clarify that chat/tool logs may retain secrets.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium; Confidence: High; Status: Concern
SKILL.md
When the user provides their credentials, **you (the AI agent) should configure them securely**. The script will automatically cache the API key at `~/.pangolin_api_key` for all future calls.

The skill asks the agent to handle Pangolin account credentials and create a persistent reusable API-key cache; this is sensitive account access, especially because the registry metadata declares no primary credential, env vars, or config paths.

User impact: A user may give the agent a Pangolin password or API key, and that account access can remain available on the machine for future API calls and credit use.
Recommendation: Prefer a scoped API key over an account password, store it through a trusted secret manager when possible, document the credential requirement in metadata, and provide clear removal/revocation instructions for ~/.pangolin_api_key.