Skill v1.0.0
ClawScan security
wolt-cli · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 22, 2026, 12:45 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill is an instruction-only integration that coherently describes using a local Wolt CLI binary to browse and preview carts; its requirements and instructions align with that purpose and nothing in the package indicates malicious or unrelated behavior.
- Guidance: This skill is internally consistent with its purpose, but before installing: (1) ensure you have or will build the 'wolt' binary from the referenced GitHub repo and that you trust that source; (2) be aware the CLI can accept and persist authentication tokens to local profile config, so avoid giving long-lived credentials unless you trust the environment; (3) verify the local config path the CLI uses (so you know where tokens will be stored) and consider using ephemeral credentials or an isolated environment; (4) keep the safety rules in mind: the skill's docs require explicit confirmation before mutating commands, but autonomous agent invocation is allowed by default, so ensure the agent prompts you before performing cart/profile mutations; (5) if you need further assurance, inspect the upstream repository code for how it stores tokens and performs network calls before granting credentials.
Review Dimensions
- Purpose & Capability (ok): Name and description match the SKILL.md and reference docs: the skill expects a local 'wolt' binary, documents commands for browsing venues, inspecting items, managing a cart, and previewing checkout. There are no unexpected required env vars, binaries, or unrelated services requested.
- Instruction Scope (ok): Runtime instructions are narrowly scoped to invoking the local 'wolt' CLI, parsing its machine-readable envelope, following location/auth rules, and requiring explicit confirmation before mutating operations. The SKILL.md does instruct writing/reading local profile auth config (via the CLI's `configure`), which is consistent with the stated purpose.
- Install Mechanism (ok): No install spec is provided (instruction-only). The SKILL.md points to the GitHub repo for build/setup but does not command downloading or executing remote artifacts on its own; this is low-risk and consistent with an instruction-only skill.
- Credentials (note): The skill does not declare any required env vars or credentials. However, it explicitly expects authentication tokens (wtoken/wrtoken/cookies) to be supplied either via flags or persisted by the CLI into local profile config. That behavior is proportional to interacting with an authenticated user account, but users should be aware sensitive tokens may be written to local config by the CLI.
- Persistence & Privilege (note): always:false (normal). The CLI can persist refresh/access tokens to local profile configuration when `wolt configure` is used; the SKILL.md requires confirmation for mutating commands but autonomous agent invocation is allowed by default. This combination is reasonable for a CLI integration but means the agent could perform mutations if allowed and given credentials; users should ensure prompts/confirmations are enforced.
