Skillv0.6.0

ClawScan security

The Hive · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

SuspiciousApr 28, 2026, 10:55 PM

Verdict: suspicious
Confidence: high
Model: gpt-5-mini
Summary: The skill's runtime instructions legitimately require an API key and will send user prompts and extracted agent knowledge to an external service, but the registry metadata omits that required credential and the instructions encourage posting potentially sensitive internal data — proceed only after understanding the privacy/authorization implications.
Guidance: This skill will send each prompt (and optional onboarding contributions) to an external service identified by HIVE_API_URL using an API key (HIVE_API_KEY). Before installing: - Treat this as a data-sharing decision: do not enable on agents that handle sensitive, private, or regulated data unless you accept that those prompts may be transmitted. - Confirm the publisher and read The Hive's privacy/security policy and retention rules (the SKILL.md asserts server-side PII scrubbing, but you should verify). - Ask the publisher to correct the registry metadata to declare HIVE_API_KEY as a required credential so tools and users can audit required secrets at install time. - Use a scoped/revocable API key with limited permissions and test with non-sensitive sample prompts first. - If you must run onboarding, review what your agent will extract and contribute; disable onboarding or skip categories that could leak confidential information. - Avoid running the optional npx CLI without reviewing its code; fetching packages with npx downloads and executes third-party code. If you need help assessing whether your agent's traffic/outputs contain sensitive info, run a small controlled experiment (dummy data) and inspect what gets posted to the Hive endpoints before enabling broadly.

Review Dimensions

Purpose & Capability: concernThe skill's stated purpose (shared knowledge layer) aligns with making API calls to a remote service and wiring pre-task hooks. However the SKILL.md clearly requires HIVE_API_KEY (and optionally HIVE_API_URL), while the registry metadata lists no required environment variables or primary credential — this mismatch is an incoherence developers should correct or explain.
Instruction Scope: concernRuntime instructions explicitly send the user's prompt (before each task) to the external API and instruct agents to POST onboarding/contribution data back. That means user prompts, agent-internal knowledge, and any extracted artifacts may be transmitted to the Hive service — this is within the skill's claimed purpose but is a significant data-exfiltration/privacy action that users must explicitly accept.
Install Mechanism: noteThe skill is instruction-only (no install spec), so it doesn't install code itself. README mentions an optional npm CLI (npx @thehivecollective/hive-agent) which would download/execute third-party code if run — that is outside the skill but worth cautioning users about.
Credentials: concernSKILL.md requires HIVE_API_KEY and references HIVE_API_URL, which are proportionate to the service integration. But the registry metadata did not declare these required env vars/primary credential — this omission is a packaging/information inconsistency that reduces transparency and could hide where secrets will be used.
Persistence & Privilege: okThe skill does not request always:true, has no install step that writes persistent/background daemons, and only instructs the agent to add pre-task hooks to its own config files. That behavior is expected for a hooks-based integration and does not itself escalate privileges.