Skill v1.0.0
ClawScan security
Clawriosity · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 16, 2026, 11:11 AM
- Verdict
- Benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's requests and runtime instructions are coherent with its stated purpose (a curiosity feed backed by Million Whys); it asks for only the service API key and to keep per-user question history in agent memory, which is reasonable for the stated features.
- Guidance
- This skill appears to be what it says: a Million Whys-powered curiosity feed. Before installing or pasting an API key, understand that: (1) the skill explicitly instructs the agent to store your MILLIONWHYS_API_KEY in the agent's environment/config — that key will persist in agent state and could be used by the agent until you remove or rotate it; (2) the skill will store question IDs and dates in the agent memory for deduplication (low-sensitivity, but persistent); (3) there is a small documentation mismatch (registry shows no required env vars while the skill uses a primary credential) — confirm how your agent platform stores and isolates per-skill secrets if you have privacy or multi-skill concerns. If you are uncertain, avoid pasting your Million Whys API key here, or rotate/revoke the key after trying the skill.
Review Dimensions
- Purpose & Capability
- ok: Name/description (curiosity feed from Million Whys) match the documented behavior: querying millionwhys.com, offering quiz/article/podcast formats, anonymous vs registered modes, and an API key for higher quota. The primary credential (MILLIONWHYS_API_KEY) is appropriate for this integration.
- Instruction Scope
- note: The SKILL.md instructs the agent to extract and persist a user-supplied API key into its environment/config and to save shown question IDs + dates in the agent's memory for deduplication. These are within the skill's functional scope, but the instructions explicitly tell the agent to store secrets and user history — users should understand that these values become part of agent state/memory.
- Install Mechanism
- ok: No install spec and no code files (instruction-only). That minimizes risk because nothing is downloaded or written by an installer.
- Credentials
- note: The only sensitive value referenced is MILLIONWHYS_API_KEY, which is proportional to the service being used. Minor metadata inconsistency: registry header listed 'Required env vars: none' while the skill declares a primary credential (MILLIONWHYS_API_KEY). This is likely a documentation mismatch rather than malicious behavior.
- Persistence & Privilege
- ok: always:false (default) and autonomous invocation is normal. The skill asks the agent to persist the user's API key and a record of shown question IDs in the agent's memory/config. Persisting the API key is a legitimate configuration task but does grant long-term access to that credential within the agent environment.
