Back to skill
Skillv2.0.1
ClawScan security
AnyGen Suite · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 30, 2026, 10:12 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's requirements and runtime instructions match its stated purpose (an AnyGen CLI wrapper) and do not request unrelated credentials or system access.
- Guidance
- This skill is internally consistent: it needs the AnyGen CLI and an AnyGen API key to function. Before installing, verify the @anygen/cli package on the npm registry or vendor site (confirm the publisher and package integrity), and only provide an API key with the minimum needed permissions. Be aware that installing the npm package runs code from the registry — if you don't trust the publisher, avoid installing or run in an isolated environment. If you later suspect misuse, revoke the API key and inspect anygen CLI configuration or logs.
Review Dimensions
- Purpose & Capability
- okName/description (AI content generation) align with required binary (anygen) and primary credential (ANYGEN_API_KEY). The declared node package (@anygen/cli) provides the anygen binary, which is appropriate for the described functionality.
- Instruction Scope
- okSKILL.md confines actions to using the AnyGen CLI and its auth flows (browser login, API key or env var). It does not instruct reading unrelated files, scanning system paths, or exfiltrating data to endpoints outside the stated service (www.anygen.io).
- Install Mechanism
- noteInstall uses an npm/node package (@anygen/cli) that creates the anygen binary — this is expected for a CLI skill but carries the typical npm risk vector (executing code obtained from the registry). The package source is not listed in the skill metadata (homepage unknown), so verifying the package provenance in npm or from the vendor is recommended.
- Credentials
- okOnly ONE credential is required (ANYGEN_API_KEY), which is proportional to a remote content-generation service. The SKILL.md references only that env var and the CLI auth; it does not request unrelated secrets or config paths.
- Persistence & Privilege
- okThe skill is not always-enabled, does not request system-wide configuration changes, and contains no instructions to modify other skills. Default autonomous invocation is allowed (platform default) but not combined with other concerning permissions.