Skill v1.0.2
ClawScan security
team-collaboration · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 13, 2026, 4:16 AM
- Verdict: Benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, instructions, and declared surface are internally consistent with a local team-collaboration API client and do not request unrelated credentials or external downloads.
- Guidance: This skill is a local HTTP client for a team-collaboration backend and appears coherent with that purpose. Before installing: (1) confirm you intend the agent to contact a local service at http://localhost:8080 — the skill will make real API calls (including create/update/delete) to whatever service is running there; (2) point it at a test or trusted instance to avoid accidental destructive operations; (3) review index.js if you want to confirm there are no remote endpoints beyond localhost; (4) note the skill saves an auth token in memory after login and will use it for subsequent requests (it does not request host environment secrets). If the package requested external network hosts, environment secrets, or downloads, that would increase risk — none of those are present here.
Review Dimensions
- Purpose & Capability: ok. The name/description (team collaboration: projects, tasks, bugs, docs, milestones) matches the provided SKILL.md, skill.json, and index.js functions. The code implements HTTP calls to a localhost backend exposing the expected endpoints (projects, tasks, bugs, documents, etc.), so required capabilities align with the stated purpose.
- Instruction Scope: note. SKILL.md and index.js limit activity to a local backend (http://localhost:8080) and front-end (http://localhost:12345). The instructions and code only reference those local endpoints and defined API actions. Note: because the skill will call localhost endpoints, it can perform any action that remote endpoints expose (including create/delete operations); ensure it will be pointed at a trusted/test instance to avoid unintended destructive actions.
- Install Mechanism: note. There is no install spec (no downloads or package installs), which is low risk. However, the package includes an index.js file (server/client code) that will be executed by the platform when the skill runs — there is no external fetch or archive extraction. This is expected for a packaged client library, but the presence of code (versus purely prose SKILL.md) means you may want to review the file if you have concerns.
- Credentials: ok. The skill declares no required environment variables, credentials, or config paths. The code stores an in-memory token after login but does not request secrets from the environment or other unrelated services. The requested scope (none) is proportionate to a local API client.
- Persistence & Privilege: ok. `always` is false and model invocation is allowed (platform default). The skill does not request persistent system-wide privileges or modify other skills. It keeps a runtime token in memory only and does not write persistent credentials or config.
