Skill v1.0.0
ClawScan security
Fly · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 10, 2026, 4:38 PM
- Verdict: benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's instructions, requirements, and scope are consistent with a flyctl CLI helper — nothing requested is out of proportion — but it advises executing a remote install script and will cause CLI-authenticated actions, so review before use.
- Guidance: This skill appears to be a straightforward flyctl command reference and is internally consistent. Before installing/using it: (1) Prefer installing flyctl via your package manager (brew/apt) instead of running curl | sh; (2) Be aware the skill instructs running 'fly auth login' — that creates and stores Fly.io credentials/tokens on the machine; (3) The skill enables commands that can be destructive (apps destroy, volumes destroy, secrets set/unset, ssh console), so require confirmation before executing destructive operations and avoid giving the agent blanket autonomous rights if you don't trust it; (4) If you want tighter control, install flyctl yourself and only allow the skill to suggest commands rather than execute them automatically.
Review Dimensions
- Purpose & Capability: ok. Name and description (manage Fly.io via flyctl) match the SKILL.md content: commands for apps, deploys, machines, volumes, secrets, certs, SSH, and proxy are directly relevant.
- Instruction Scope: note. SKILL.md stays within the Fly.io/CLI domain and does not request unrelated files or credentials. It does instruct use of SSH/proxy and running arbitrary flyctl commands (e.g., fly ssh console), which is expected for this purpose but grants the agent capability to run arbitrary commands on apps once authenticated.
- Install Mechanism: note. No install spec in the registry (instruction-only), but SKILL.md recommends installing flyctl via Homebrew or by piping https://fly.io/install.sh into sh. The fly.io URL is the official domain (expected), but curl | sh is a higher-risk pattern because it executes a remote script without local inspection.
- Credentials: ok. The skill declares no required env vars or credentials. It does instruct the agent/user to run 'fly auth login' which will create auth state/tokens for flyctl — this is expected and proportional to the stated functionality.
- Persistence & Privilege: ok. 'always' is false and autonomous invocation is the platform default. The skill does not request persistent system-wide privileges or modify other skills' configurations.
