Skill v1.0.0

ClawScan security

Keyapi Tiktok Shop Creator Discovery · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 7, 2026, 2:59 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's code, instructions, and required env var (KEYAPI_TOKEN) are consistent with a KeyAPI MCP client for TikTok Shop creator analysis; nothing in the package indicates hidden or unrelated capabilities, though it persistently stores the API token and API responses locally which users should be aware of.
Guidance
This skill appears to be what it says: a KeyAPI MCP client for TikTok Shop creator analytics. Before installing, consider: 1) The tool will persist your KEYAPI_TOKEN in a .env file in the skill directory if you use the interactive prompt — avoid committing that file to source control and rotate the token if it is accidentally exposed. 2) API responses are cached under .keyapi-cache and may contain sensitive analytics/PII — inspect or clear caches before sharing the project. 3) The server URL can be overridden with KEYAPI_SERVER_URL; ensure this is not set to an untrusted host. 4) npm install will fetch @modelcontextprotocol/sdk from the public registry — only run installs in a trusted environment. If you are uncomfortable with local persistence of credentials/responses, run the tool with KEYAPI_TOKEN set in a process environment and remove or protect .env/.keyapi-cache after use.

Review Dimensions

Purpose & Capability
ok
Name and description describe a KeyAPI MCP client for TikTok Shop analysis. The only required binary is node and the only required env var is KEYAPI_TOKEN; both are appropriate and proportional for calling KeyAPI MCP tools. The declared dependency (@modelcontextprotocol/sdk) aligns with the stated MCP client usage.
Instruction Scope
note
SKILL.md and scripts/run.js instruct the agent to call KeyAPI MCP endpoints, inspect tool schemas, and cache responses locally. The runtime also loads a .env file and can prompt for KEYAPI_TOKEN and save it to a .env file in the skill directory. These behaviors are coherent with the skill's purpose but introduce persistent storage of credentials and cached API responses (which may include sensitive or PII-containing analytics).
Install Mechanism
ok
There is no download-from-URL install; package.json declares a single npm dependency (@modelcontextprotocol/sdk). SKILL.md asks the user to run npm install, which is standard. No suspicious external download hosts or extract operations are present.
Credentials
ok
Only KEYAPI_TOKEN (the primary credential) is required. No unrelated secrets or additional credentials are requested. The script also supports an optional, documented KEYAPI_SERVER_URL override, which is reasonable but means a maliciously set env var could redirect requests (and the token sent with them) to another host; this is a configuration risk rather than an incoherence.
Persistence & Privilege
note
The skill persists data locally: it writes the provided KEYAPI_TOKEN to a .env file and stores API responses in a cache directory (default .keyapi-cache). It does not request an 'always' privilege nor modify other skills. Persisting credentials and responses is expected for a CLI client but raises the usual local-data exposure risks (token leakage, accidental commits).