Skill v1.0.0

ClawScan security

AI Content Repurposer Pro · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Mar 19, 2026, 3:07 PM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill appears to implement the stated content-repurposing features and asks only for an OpenAI API key, but there are inconsistencies (code files are included yet there is no install spec, the registry metadata lacks upstream/source/homepage, and there is a package/engine mismatch) that warrant caution and a closer review before installing.
Guidance
This package mostly matches its stated purpose: it converts user-provided transcripts and fetched blog pages using OpenAI. Before installing, do these checks:
1) Verify provenance: confirm that the GitHub repo and homepage links actually exist and match the published package (metadata inconsistencies were observed).
2) Inspect src/converter.js and any network code to ensure requests go only to the expected endpoints (OpenAI and the fetched blog URLs) and that there are no hardcoded, unexpected external endpoints.
3) Check the package.json / package-lock engine and dependency mismatches (cheerio's engine requirement vs the package.json node requirement) to avoid runtime surprises.
4) Run the tool in a sandbox or with a dedicated OpenAI key (not a high-privilege or shared key), and consider restricting network access if you want to test for exfiltration.
5) If you aren't comfortable reviewing code, prefer to obtain this skill from a verified source/homepage, or wait for a published ClawHub listing with a validated repository.
Providing the full src/converter.js and test outputs would increase confidence and allow a re-evaluation.
Findings
[pre_scan_injection] expected: Scanner found no injection or obvious malicious regex matches. Absence of findings is not a guarantee of safety — full review of src/converter.js (truncated in the package listing) is still recommended.

Review Dimensions

Purpose & Capability
note: Name, README, SKILL.md, and the CLI commands align with a content-repurposing tool; the required env var (OPENAI_API_KEY) is consistent with using OpenAI. However, the registry metadata at the top lists 'Source: unknown' and 'Homepage: none' while clawhub.json and package.json claim a GitHub repo and a homepage; this provenance mismatch should be checked. The package also includes extensive marketing/publishing docs (COMPLETION_REPORT.md, LAUNCH_CHECKLIST.md), which is unusual but not harmful.
Instruction Scope
ok: Runtime instructions (SKILL.md) are scoped to converting user-provided transcripts, fetching blog pages by URL, and using the OpenAI API; the CLI code reads only user-specified files or fetched URLs. There are no instructions to read unrelated system files or environment variables beyond the declared OPENAI_API_KEY and the optional AI_MODEL setting.
Install Mechanism
concern: The registry indicates 'No install spec — instruction-only', but the package actually contains executable code (bin/cli.js, src/converter.js) and a package.json with npm install instructions. That mismatch is an incoherence: either the skill should include an install spec or the registry listing should reflect that it contains executable code. Additionally, package-lock.json lists many dependencies, and cheerio's package metadata requires a newer Node engine (node >=20.18.1) while package.json declares node >=18.0.0; this engine mismatch could cause install or runtime problems.
Credentials
ok: The only required credential is OPENAI_API_KEY (with an optional AI_MODEL env var), which is proportionate for an AI-powered repurposing tool. No unrelated secrets, system config paths, or other credentials are requested.
Persistence & Privilege
ok: The skill does not request always:true and is user-invocable only. There is no evidence it attempts to modify other skills or system-wide agent settings. Normal autonomous invocation remains enabled (platform default).