Skill v1.0.3
ClawScan security
Twinfold · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Feb 18, 2026, 12:44 AM
- Verdict
- suspicious
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The skill appears to implement a legitimate Twinfold API integration, but there are metadata inconsistencies and provenance gaps that warrant caution before installing or providing an API key.
- Guidance
- This skill looks functionally consistent with a Twinfold API integration, but take these precautions before installing:
  1. Resolve the metadata mismatch: the SKILL.md requires TWINFOLD_API_KEY, but the registry summary claims no env vars. Ask the publisher to clarify.
  2. Source and homepage are missing. Verify that twinfold.app is the legitimate service and that the skill is published by a trusted party before supplying credentials.
  3. Use a revocable test API key with minimal permissions, and monitor account activity and credit usage (autoPublish/autopilot can spend credits and post on your accounts).
  4. Review the platform's privacy and billing terms, and consider creating a separate Twinfold account for integration testing.
  5. If you proceed, watch network and activity logs for requests to unexpected endpoints, and revoke the key if anything suspicious occurs.
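A check for the metadata mismatch in item 1, as an added example that is not part of the ClawHub scanner or of the Twinfold skill: it extracts environment-variable names referenced in a SKILL.md body and compares them with what the registry declares. The SKILL.md excerpt and the two registry summaries are constructed to mirror the case above; the `required_env` and `primary_credential` field names and the uppercase-with-underscore naming heuristic are assumptions, not the registry's schema.

```python
import re
from dataclasses import dataclass, field

# Heuristic: env var names are uppercase identifiers with at least one
# underscore (TWINFOLD_API_KEY matches; bare words like POST do not).
ENV_NAME = re.compile(r"\b[A-Z][A-Z0-9]*(?:_[A-Z0-9]+)+\b")
SECRET_SUFFIX = re.compile(r"_(KEY|TOKEN|SECRET|PASSWORD)$")

# Constructed SKILL.md excerpt shaped like the case the scan describes.
# Not the real Twinfold skill text.
SAMPLE_SKILL_MD = """\
# Twinfold

Export TWINFOLD_API_KEY (keys start with twf_) before invoking any tool.

Example call:
    curl -X POST https://twinfold.app/api/mcp/tools \\
      -H "Authorization: Bearer $TWINFOLD_API_KEY" \\
      -H "Content-Type: application/json" \\
      -d '{"tool": "createPost", "arguments": {"autoPublish": false}}'
"""

# Constructed registry summaries. Field names are an assumption, not the
# ClawHub schema; map your registry's fields onto them.
REGISTRY_MISMATCHED = {"required_env": [], "primary_credential": None}
REGISTRY_CONSISTENT = {"required_env": ["TWINFOLD_API_KEY"],
                       "primary_credential": "TWINFOLD_API_KEY"}


@dataclass
class MetadataFinding:
    undeclared: set = field(default_factory=set)  # referenced in SKILL.md, not declared
    unused: set = field(default_factory=set)      # declared, never referenced
    credential_gap: bool = False                  # secret-like var, no credential declared

    @property
    def consistent(self) -> bool:
        return not (self.undeclared or self.unused or self.credential_gap)


def env_refs(skill_md: str) -> set:
    """Names that look like environment variables in the SKILL.md text."""
    return {m.group(0) for m in ENV_NAME.finditer(skill_md)}


def check_metadata(skill_md: str, registry: dict) -> MetadataFinding:
    """Compare env vars the instructions use with what the registry declares."""
    referenced = env_refs(skill_md)
    declared = set(registry.get("required_env") or [])
    secret_like = {name for name in referenced if SECRET_SUFFIX.search(name)}
    return MetadataFinding(
        undeclared=referenced - declared,
        unused=declared - referenced,
        credential_gap=bool(secret_like) and not registry.get("primary_credential"),
    )


if __name__ == "__main__":
    for label, reg in (("mismatched", REGISTRY_MISMATCHED),
                       ("consistent", REGISTRY_CONSISTENT)):
        f = check_metadata(SAMPLE_SKILL_MD, reg)
        print(f"{label}: consistent={f.consistent} undeclared={sorted(f.undeclared)} "
              f"credential_gap={f.credential_gap}")
```

The `credential_gap` flag is the finding the scan raises here: the instructions name a variable that ends in `_KEY`, yet the registry declares no primary credential. A registry-side gate can refuse to mark a skill as needing no credentials whenever this check returns an inconsistent result.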
Review Dimensions
- Purpose & Capability
- note: The SKILL.md describes a social-media/content-management integration with Twinfold and asks only for a Twinfold API key (prefix twf_), which is appropriate for the stated purpose. However, the registry metadata at the top of the submission claims 'Required env vars: none' and 'Primary credential: none', while the SKILL.md explicitly requires TWINFOLD_API_KEY. This mismatch is an incoherence between the declared registry metadata and the actual runtime instructions.
- Instruction Scope
- ok: The runtime instructions are scoped to calling the twinfold.app API (POST https://twinfold.app/api/mcp/tools) and provide curl examples and tool schemas. They reference only the TWINFOLD_API_KEY environment variable and typical post/workflow artifacts. The SKILL.md itself contains no instructions to read unrelated local files or other environment variables, or to transmit data to unexpected endpoints (the example media URLs are normal for media uploads).
- Install Mechanism
- ok: This is an instruction-only skill with no install spec and no code files; nothing is written to disk and no third-party packages are fetched, which minimizes install-time risk.
- Credentials
- note: The only credential the SKILL.md requires is TWINFOLD_API_KEY, which is proportionate to a service integration. The submission-level metadata, however, contradicts this by listing no required env vars; the discrepancy should be resolved. Note also that providing the API key lets the skill create, update and publish posts and consume credits, so the key must be protected and should be revocable and limited in scope.
- Persistence & Privilege
- ok: The skill does not request always:true and is user-invocable, with normal autonomous invocation allowed (platform default). It does not request system-wide config changes or persistent privileges beyond use of the provided API key.
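The Instruction Scope finding above pins the skill to a single endpoint, and guidance item 5 asks the installer to watch for anything else. The following is an added example, not scanner or skill code, of turning that into a check over an egress log: it flags requests to any (host, path) outside the allowlist, plaintext HTTP to the allowed host, and a `twf_`-prefixed value carried in a URL query string. The log lines are constructed, and the one-request-per-line `<timestamp> <METHOD> <url> <status>` layout is an assumed normalisation of whatever your proxy or agent runtime records.

```python
import re
from urllib.parse import parse_qs, urlsplit

# The only endpoint the SKILL.md instructs the agent to call, as (host, path).
# A reviewer extends this allowlist if the skill legitimately needs more.
ALLOWED_ENDPOINTS = {("twinfold.app", "/api/mcp/tools")}
KEY_PREFIX = "twf_"  # Twinfold key prefix noted in the review

# Expected line shape: "<timestamp> <METHOD> <url> <status>". Assumption:
# normalise your proxy or agent runtime log to this form before auditing.
LOG_LINE = re.compile(r"^(?P<ts>\S+) (?P<method>[A-Z]+) (?P<url>\S+) (?P<status>\d{3})$")

# Constructed sample log, not captured traffic: two legitimate tool calls,
# one off-allowlist fetch, one exfil-shaped request carrying the key in the
# query string, and one downgrade to plaintext HTTP.
SAMPLE_LOG = """\
2026-02-18T00:44:01Z POST https://twinfold.app/api/mcp/tools 200
2026-02-18T00:44:03Z GET https://cdn.example.com/media/clip.mp4 200
2026-02-18T00:44:05Z POST https://twinfold.app/api/mcp/tools 200
2026-02-18T00:44:09Z POST https://collector.example.net/ingest?k=twf_abc123 204
2026-02-18T00:44:12Z GET http://twinfold.app/api/mcp/tools 301
"""


def audit_egress(log_text: str, allowed=ALLOWED_ENDPOINTS) -> list:
    """Return one finding dict per policy violation found in the log."""
    findings = []
    for line in log_text.splitlines():
        m = LOG_LINE.match(line)
        if not m:
            # An unparsable line is itself a finding: never silently skip traffic.
            findings.append({"ts": None, "url": line, "reason": "unparsable"})
            continue
        url = urlsplit(m["url"])
        reasons = []
        if (url.hostname, url.path) not in allowed:
            reasons.append("unexpected_endpoint")
        if url.scheme != "https":
            reasons.append("plaintext_http")
        query_values = [v for vals in parse_qs(url.query).values() for v in vals]
        if any(v.startswith(KEY_PREFIX) for v in query_values):
            reasons.append("api_key_in_url")
        findings.extend({"ts": m["ts"], "url": m["url"], "reason": r} for r in reasons)
    return findings


def is_clean(log_text: str) -> bool:
    """True when the log contains only allowed, well-formed HTTPS requests."""
    return not audit_egress(log_text)


if __name__ == "__main__":
    for f in audit_egress(SAMPLE_LOG):
        print(f"{f['ts']} {f['reason']:20} {f['url']}")
```

Run this against the log of a test account before trusting the skill with a production key; any `unexpected_endpoint` or `api_key_in_url` finding is the cue to revoke the key, as item 5 of the guidance advises.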
