Skillv1.0.0

ClawScan security

Tesla Skill · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

SuspiciousMar 6, 2026, 1:19 PM

Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary: The skill's instructions mostly match its stated purpose, but there are two notable concerns: it tells you to curl | sh a script from GitHub to install teslacli, and the registry metadata is inconsistent about the required environment variable (AGENTGEN_API_KEY).
Guidance: This skill appears to be what it says (a wrapper around a tesla-cli workflow) but has two things to watch: (1) It asks for an AgentGen API key because it uses AgentGen to host the public key and handle headless OAuth — you must trust AgentGen with hosting and callbacks. (2) The install instruction uses curl | sh to run a remote script from GitHub; don't run it blindly. Before installing, inspect the install.sh in the referenced repository, verify the repo and recent commits, confirm the AgentGen service and its API key scope, and consider running the tool in an isolated environment (VM/container). Also confirm the registry metadata vs SKILL.md discrepancy about AGENTGEN_API_KEY. If you are uncomfortable trusting AgentGen or running a remote install script, do not install this skill or only proceed after manual review of the installer and repo.

Review Dimensions

Purpose & Capability: noteThe skill's name/description (connect and control Teslas via teslacli) aligns with its instructions: it requires the teslacli binary, guides key generation, AgentGen hosting, Tesla developer creds, and OAuth. However, registry metadata says "Required env vars: none" while the SKILL.md and metadata inside it declare AGENTGEN_API_KEY as the primary credential; that mismatch should be clarified.
Instruction Scope: noteSKILL.md stays within the Tesla-control scope: it instructs running teslacli setup, generating a P-256 keypair stored in ~/.config/teslacli/, registering with Tesla, and using AgentGen to host the public key for headless OAuth. It explicitly warns not to transmit the private key. The only scope concern is that AgentGen hosting is used for OAuth redirects/public key serving — that delegates part of the auth flow to a third party, which is expected for this design but requires trust in AgentGen.
Install Mechanism: concernAlthough the SKILL.md provides an install command, the registry reported no install spec — a discrepancy. The install command is a curl -fsSL from raw.githubusercontent.com piped to sh; executing a remote install script (curl | sh) is a high-risk operation even when hosted on GitHub because it runs arbitrary code on your machine. The GitHub URL appears to be the project repo (Agent-Gen-com/tesla-cli), which makes the source more discoverable, but you should still inspect the script before running it.
Credentials: noteRequesting AGENTGEN_API_KEY as the primary credential is proportionate to the described behavior (provisioning a public subdomain/hosting the public key for headless OAuth). No other unrelated credentials are requested. Still, this grants a third party ability to host endpoints and potentially relay OAuth callbacks—you should verify AgentGen's trustworthiness and scope of that API key. Also note the registry-level metadata omission of required env vars is inconsistent with SKILL.md.
Persistence & Privilege: okThe skill does not request always:true and does not claim system-wide privileges. It will create local config in ~/.config/teslacli/ (tokens and key files), which is expected for this use. The skill does not request modification of other skills or global agent settings.