Skill v1.0.0
ClawScan security
case.dev · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 28, 2026, 6:41 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's instructions, required inputs, and behaviors are consistent with a CLI wrapper for the case.dev platform. It does not request unrelated credentials or perform unexplained actions. Follow the normal cautions around installing third-party CLIs and providing API keys.
- Guidance: This skill appears to be a coherent set of instructions for using the third-party casedev CLI. Before installing or providing credentials: 1) Verify the CLI source: check the Homebrew tap and the GitHub repo/install script contents (do not run curl | sh unless you have inspected the script). 2) Prefer installing from a vetted package manager (Homebrew) and review the formula/repo. 3) Protect your CASE_API_KEY: don't paste it into chat; use a scoped key if available and set it as an env var or in the CLI config. 4) Be cautious with uploads: files you upload to the service (vaults) will be transmitted to case.dev. 5) Avoid using --api-url or --no-auth pointing to unknown endpoints unless you trust them. If you need higher assurance, ask the publisher for a homepage/repo and review the installer and CLI code before use.
Review Dimensions
- Purpose & Capability: ok. The name/description claim a CLI for case.dev plus sub-skills (OCR, vaults, transcription, search). The SKILL.md exclusively documents using the casedev CLI and related workflows (install, auth, upload, search, transcribe), which is coherent with the stated purpose.
- Instruction Scope: note. Instructions tell the agent to run casedev CLI commands and to upload local files to vaults, check job status, and call raw API routes. These are within the expected scope. Notable points: the docs expose a raw API access mode (--api-url, --api-key, --no-auth) which allows pointing requests at arbitrary endpoints if the user supplies them, and workflows require uploading local files (expected for vaults/OCR/transcription). The SKILL.md mentions the config path (~/.config/case/config.json) and env var CASE_API_KEY but does not instruct reading unrelated system files.
- Install Mechanism: note. The package has no install spec (instruction-only). The docs recommend two common install paths: a Homebrew formula (casemark/casedev/casedev) and a GitHub raw curl | sh installer. Recommending curl | sh is a high-risk install pattern in general (it is an instruction to the user, not executed by the skill), so verify the Homebrew tap and review any install script before running it.
- Credentials: ok. The skill itself declares no required env vars, but the docs correctly instruct users/agents to provide a CASE_API_KEY for the service (sk_case_... prefix). Requesting a single API key for service access is proportionate. No unrelated credentials or broad system secrets are requested.
- Persistence & Privilege: ok. The skill is instruction-only, has no install mechanism performed by the platform, and does not request permanent inclusion (always:false). It references the CLI's local config path for storing an API key, but it does not instruct modifying other skills or system-wide settings.
