Skill v0.0.11

ClawScan security

yourbro · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 12, 2026, 12:25 AM
Verdict: benign
Confidence: medium
Model: gpt-5-mini
Summary
The skill's requirements and instructions are coherent with its stated purpose (publishing encrypted pages via a local agent), but it asks you to run a native binary downloaded from the vendor site, and the SKILL.md has a few small inconsistencies you should verify before installing.
Guidance
This skill appears to do what it says: it expects a local yourbro-agent binary and a yourbro API token and will publish pages by writing directories under /data/yourbro/pages/. Before installing, verify the following:

1) Confirm the download URLs and binary checksums/signatures (ask the vendor or prefer an OS package/repository or building from source) because running a downloaded native executable grants code execution on your machine.
2) Be comfortable with a background agent maintaining an outbound WebSocket to api.yourbro.ai (it must be online to serve pages).
3) Note the SKILL.md references YOURBRO_SERVER_URL even though the registry lists only YOURBRO_TOKEN; ensure you understand which env vars the agent will actually use.
4) Keep sensitive content out of public pages and verify sharing behavior (Google-account sharing and access codes) before using.

If you need higher assurance, request vendor-signed releases, checksum verification, or source code to audit/build yourself.

Review Dimensions

Purpose & Capability
ok: The skill is for publishing E2E-encrypted pages via a local agent. Requiring a yourbro-agent binary and a YOURBRO_TOKEN API token is consistent with that purpose; the file paths (/data/yourbro/pages/...) and pairing workflow match the description.
Instruction Scope
note: Runtime instructions explicitly tell the agent to create and write files under /data/yourbro/pages/{slug}/ and to run yourbro-agent and set YOURBRO_SERVER_URL. Writing files to that directory is expected for this skill, but SKILL.md references an additional env var (YOURBRO_SERVER_URL) that is not declared in the registry requires.env. No instructions direct the agent to read unrelated system files or exfiltrate data to third parties beyond yourbro.ai.
Install Mechanism
note: The SKILL.md includes download install entries that fetch architecture-specific executables directly from https://yourbro.ai/releases/latest/..., which is the vendor domain (not a widely adopted release host like GitHub). Direct binary downloads are higher-risk than package-manager installs because they run native code on your machine; no checksums/signatures are provided in the instructions.
Credentials
ok: Only one credential is required (YOURBRO_TOKEN) and it is declared as the primary credential. That matches the service's need for an API token. No unrelated secrets or multiple credential sets are requested.
Persistence & Privilege
ok: The skill is not always-enabled and does not request elevated platform privileges. It instructs how to run the agent as a background service (systemd/launchd), which is reasonable for a long-running local agent but does entail granting the downloaded binary persistent execution on the host.