Skill v1.1.0
ClawScan security
Kosu · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 13, 2026, 4:23 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's requests and runtime instructions match its stated purpose (managing a Kosu queue via the Kosu API); nothing requested is disproportionate or unrelated.
- Guidance: This skill is coherent for managing a Kosu queue. Before installing: (1) confirm you trust https://usekosu.com and fetch the SKILL.md over HTTPS; (2) create a dedicated, minimal-scope API key in Kosu and store it as KOSU_API_KEY; (3) review the openapi.json if you want to audit available endpoints; (4) be aware that any agent with this key can read and modify the user's Kosu items, so rotate or revoke the key if you stop trusting the agent. No other credentials or system files are requested by the skill.
Review Dimensions
- Purpose & Capability (ok): Name and description describe Kosu queue management and the skill only requires an API key (KOSU_API_KEY) and describes API endpoints on usekosu.com — this is proportional and expected.
- Instruction Scope (ok): SKILL.md contains concrete instructions to call the Kosu API (curl examples, endpoints, auth header) and setup guidance. It does not instruct the agent to read unrelated files, harvest other credentials, or exfiltrate data to third-party domains.
- Install Mechanism (note): This is instruction-only (no install spec, no code files). The doc suggests downloading SKILL.md from https://usekosu.com/skill.md into ~/.openclaw/skills/kosu — writing that file to disk is normal, but users should verify the HTTPS source before saving. No package downloads or archive extraction are performed.
- Credentials (ok): Only the Kosu API key (KOSU_API_KEY) is referenced as the primary credential and is used solely for calls to usekosu.com. The skill explicitly warns to only send the key to usekosu.com and to create a dedicated minimal-scope key.
- Persistence & Privilege (ok): "always" is false (default) and the skill does not request system-wide config changes or other skills' credentials. It will operate when invoked and requires the user's Kosu API key to act on their account.
