Skill v0.1.0
ClawScan security
Archon Lightning · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Review: Mar 14, 2026, 12:23 AM
- Verdict: Review
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's behavior largely matches its description, but it relies on npx to fetch and run an unpinned CLI package at runtime, sources a local config file (~/.archon.env) that wasn't declared in metadata, and has no known homepage/source — these inconsistencies and runtime risks warrant caution.
- Guidance: This skill appears to implement Lightning payments for Archon DIDs as advertised, but exercise caution before installing:
  - The scripts use 'npx @didcid/keymaster' without a pinned version; npx will fetch and execute code from npm at runtime. Prefer a pinned version or a locally installed, audited CLI to avoid supply-chain risk.
  - The scripts source ~/.archon.env (contains ARCHON_PASSPHRASE). That file contains secrets that control funds — only install if you trust the package source and have audited the keymaster code.
  - There is no homepage or authoritative source listed; verify the origin of the @didcid/keymaster package and the repository that produced this skill. If you can't verify, run in an isolated environment or sandbox and review the @didcid/keymaster package code and package.json (versions, maintainer, repository, integrity) before use.
  - Consider backing up wallet materials and using a hardware wallet or other mitigations if you will handle real funds.
  What would raise confidence: a published homepage/repository, an explicit install spec that pins a specific @didcid/keymaster release (or requires local CLI), and explicit declaration of the ~/.archon.env config path in metadata.
Review Dimensions
- Purpose & Capability (ok): Name/description, required env vars (ARCHON_WALLET_PATH, ARCHON_PASSPHRASE, ARCHON_GATEKEEPER_URL), and the provided scripts consistently implement Lightning wallet/invoice/pay/verify functionality via the @didcid/keymaster CLI. The requested binaries (node, npx, optional jq) are appropriate for the scripts.
- Instruction Scope (note): Runtime instructions and scripts source ~/.archon.env for credentials and simply invoke npx @didcid/keymaster commands; they do not appear to read other unrelated system paths. However, the metadata lists no required config paths while all scripts explicitly 'source ~/.archon.env' — a mismatch that should be declared and reviewed because that file will contain sensitive secrets.
- Install Mechanism (concern): There is no install spec, but the scripts invoke 'npx @didcid/keymaster' (no version pin). npx will fetch and execute code from the npm registry at runtime. Running an unpinned remote package on each invocation is a material risk (remote code execution / supply chain). Recommend pinning to a specific vetted version or requiring a locally installed CLI.
- Credentials (note): Requested env vars are relevant to the stated purpose, and the primary credential (ARCHON_PASSPHRASE) is appropriate but highly sensitive — possession enables wallet access and control of funds. The number of env vars is small and proportional, but the skill implicitly depends on ~/.archon.env (not declared), which may contain secrets beyond the declared variables.
- Persistence & Privilege (ok): The skill is not always-enabled and does not request elevated platform privileges. It does not modify other skills or global settings. Autonomous invocation is allowed (platform default) but is not an additional red flag by itself.
