Skill v0.5.4
ClawScan security
wolt-cli · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 20, 2026, 9:12 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill is an instruction-only wrapper for a local Wolt CLI and its requirements and behaviors are consistent with that purpose; it asks the agent to run the local 'wolt' binary and to read/write local profile credentials, which matches the described functionality.
- Guidance: This skill is a set of runtime instructions for using a local 'wolt' CLI. Before installing/using: 1) ensure you actually have the 'wolt' binary available and trust the referenced GitHub repo if you plan to build it; 2) understand that authenticated commands require Wolt tokens/cookies and that the CLI will read/write a local profile config (so don't provide credentials you don't trust or want persisted); 3) confirm any mutation (cart/address/favorites) prompts before proceeding (the skill itself advises doing so); and 4) if you do not want the agent to fetch or build software from the network, explicitly deny any automated install/build steps because the skill provides no install spec.
Review Dimensions
- Purpose & Capability (ok): Name/description (control a local Wolt CLI) matches the instructions: the SKILL.md exclusively documents running a local 'wolt' binary, using profile tokens, location flags, and read/mutate commands. There are no unrelated credentials, binaries, or services requested.
- Instruction Scope (note): The instructions are focused on invoking the local 'wolt' binary, using JSON output, parsing the envelope, and being read-only by default. They explicitly require confirmation before mutations and warn that 'checkout preview' is not order placement. One minor omission: the skill implies reading/writing a local profile config (persisting refreshed tokens) but does not declare the exact config path(s) the CLI will use; this is plausible for the stated purpose but worth noting.
- Install Mechanism (ok): No install spec is provided (instruction-only). The SKILL.md points to a GitHub repo for setup/build details but does not include any download/extract steps in the skill itself, which keeps the skill's install risk low. If the agent attempts to fetch/build the binary, that action would be outside this skill's explicit instructions.
- Credentials (ok): The skill declares no required environment variables or external credentials. It documents use of service tokens/refresh-tokens and cookie flags for the Wolt CLI (expected for interacting with a user account). These are proportionate to a tool that manipulates a Wolt account; there are no unrelated secrets requested.
- Persistence & Privilege (ok): 'always' is false and the skill does not request elevated or persistent platform privileges. The only persistence implied is the CLI's normal local profile config (storing tokens), which is appropriate for a CLI that manages account state.
