Skill v1.0.0

ClawScan security

1231 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Review: Mar 14, 2026, 8:11 AM
Verdict: Review
Confidence: medium
Model: gpt-5-mini
Summary
The skill's stated purpose (giving an agent an identity in SiliVille) matches the single token requirement and the API calls it describes. However, the manifest claims code, install behavior, and on-disk persistence that are not present in the package, and some runtime details (no base URL for the API, the disk-writing 'burn' behavior) are inconsistent with an instruction-only package. Together these warrant caution.
Guidance
This skill mostly does what it says (it needs a SiliVille API token to call the game's REST endpoints), but there are important inconsistencies and unknowns: the manifest claims a Python entry point, dependencies, and CLI commands that are not present in the package; the manifest also describes persisting 'anchors' (writing to ~/.siliville/anchors.json). Before installing or supplying your SILIVILLE_TOKEN, ask the publisher for the canonical source code or an official release URL, verify the repository/homepage, and confirm exactly how/where the token will be stored. Avoid pasting the token into public chat, and if you proceed, prefer creating a scoped/test token with limited privileges. If you cannot verify the code/repository, treat this package as untrusted.

Review Dimensions

Purpose & Capability
note: The skill's name and description (SiliVille metaverse agent) align with the single required credential (SILIVILLE_TOKEN) and the API calls in SKILL.md. However, the skill.yaml manifest advertises a Python entry_point, dependencies, CLI commands (e.g. burn, which writes anchors to ~/.siliville/anchors.json) and a repository/homepage, yet the published package is instruction-only with no code files. This mismatch is worth flagging.
Instruction Scope
note: SKILL.md explicitly instructs the agent to call REST endpoints (/api/v1/radar and /api/v1/action) with an Authorization: Bearer token and to run an autonomous loop (observe → act → narrate). It does not instruct reading unrelated environment variables or system secrets. Concerns: SKILL.md omits a full base URL for those endpoints (the agent may need to infer or search for the host), and the manifest mentions writing persistent 'anchors' to disk even though no code is provided to show how or what is written.
Install Mechanism
note: There is no install spec and there are no code files (instruction-only), which on its own is low-risk. But the skill manifest (skill.yaml) claims a Python entry point, a runtime dependency (requests), and CLI commands, none of which exist in the package. That inconsistency is suspicious: either the manifest is stale or misleading, or the required code will be fetched or generated at runtime in a way the package does not show.
Credentials
ok: Only one required environment variable is declared (SILIVILLE_TOKEN), which is proportional to a REST-API-based metaverse integration. The token format is shown in the manifest (sk-slv-...). The only caution is that the manifest's commands mention persisting anchors (and possibly the token) to ~/.siliville/anchors.json; writing tokens to disk increases risk if it happens without the user's consent.
Persistence & Privilege
note: always: false (the default), so the skill is not force-included in every session. The skill supports scheduled/autonomous loops (an example schedule and a 'loop' command), which enable repeated autonomous actions once invoked. The manifest's 'burn' behavior suggests writing under the user's home directory, implying persistence; since no code is present to show how that is performed, this raises moderate concern about unexpected local writes and persistent state.
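The checks the Purpose & Capability, Install Mechanism and Persistence & Privilege dimensions perform by hand (does the declared entry point exist, is there code behind the declared dependencies and commands, do any commands write under the home directory, does SKILL.md name endpoints without a host) can be scripted before a token is ever supplied. The script below is an added example, not ClawScan's own code. The manifest field names (entry_point, dependencies, commands, env, always, repository) are assumptions about the skill.yaml schema, and the manifest, file list and SKILL.md excerpt are constructed samples shaped like the skill this review describes; for a real package, load skill.yaml with yaml.safe_load() and pass the dict in.

```python
"""Cross-check a skill manifest's claims against what the package actually ships.

Added example for this review page; it is not ClawHub's ClawScan code. The
manifest, file list and SKILL.md text below are constructed samples shaped like
the skill described in the review (entry_point, dependencies, 'burn'/'loop'
commands, SILIVILLE_TOKEN). Field names such as 'entry_point', 'commands' and
'env' are assumptions about the manifest schema; load a real skill.yaml with
yaml.safe_load() and pass the resulting dict to check_skill().
"""
from __future__ import annotations

import re
from dataclasses import dataclass

CODE_SUFFIXES = (".py", ".js", ".ts", ".sh", ".go", ".rs")
HOME_PATH_RE = re.compile(r"(?:~|\$HOME)/[^\s'\"]+")        # ~/x or $HOME/x
URL_RE = re.compile(r"https?://[^\s'\"<>]+")                 # any absolute URL
ENDPOINT_RE = re.compile(r"(?<![\w/])/api/v\d+/[\w/-]+")     # /api/v1/... paths


@dataclass(frozen=True)
class Finding:
    severity: str  # "info" | "warn" | "high"
    message: str


def check_skill(manifest: dict, package_files: list[str], skill_md: str) -> list[Finding]:
    """Return findings where the manifest promises something the package does not show."""
    findings: list[Finding] = []
    files = set(package_files)
    code_files = {f for f in files if f.endswith(CODE_SUFFIXES)}

    # A declared entry point that is not in the archive is the strongest mismatch:
    # either the manifest is stale or code will arrive at runtime from elsewhere.
    entry = manifest.get("entry_point")
    if entry and entry not in files:
        findings.append(Finding("high", f"entry_point '{entry}' is not in the package"))

    deps = list(manifest.get("dependencies") or [])
    if deps and not code_files:
        findings.append(Finding("warn", f"dependencies {deps} declared but no code files shipped"))

    for name, spec in (manifest.get("commands") or {}).items():
        if not code_files:
            findings.append(Finding("warn", f"command '{name}' declared but nothing implements it"))
        # Commands that write under the home directory create persistent local state
        # (and possibly store the token) outside the package; call that out explicitly.
        for match in HOME_PATH_RE.finditer(str(spec)):
            findings.append(Finding("warn", f"command '{name}' references home path {match.group(0)}"))

    env = manifest.get("env") or {}
    required = [k for k, v in env.items() if isinstance(v, dict) and v.get("required")]
    if len(required) > 1:
        findings.append(Finding("warn", f"multiple required secrets requested: {required}"))

    if manifest.get("always"):
        findings.append(Finding("warn", "always: true forces the skill into every session"))

    for key in ("repository", "homepage"):
        if manifest.get(key):
            findings.append(Finding("info", f"{key} declared ({manifest[key]}); verify it hosts the code"))

    # Endpoints named without any absolute URL leave the agent to guess the host,
    # which is exactly how a bearer token ends up sent to the wrong server.
    endpoints = sorted(set(ENDPOINT_RE.findall(skill_md)))
    if endpoints and not URL_RE.search(skill_md):
        findings.append(Finding("warn", f"SKILL.md references {endpoints} with no base URL"))

    return findings


def verdict(findings: list[Finding]) -> str:
    """Collapse findings into a verdict matching the review's guidance."""
    severities = {f.severity for f in findings}
    if "high" in severities:
        return "untrusted"
    return "caution" if "warn" in severities else "ok"


# Constructed sample: a manifest that promises code and persistence, a package
# that ships only instructions, and a SKILL.md that names endpoints but no host.
SAMPLE_MANIFEST = {
    "name": "siliville-agent",
    "version": "1.0.0",
    "entry_point": "siliville_agent/main.py",
    "dependencies": ["requests"],
    "commands": {
        "burn": "python -m siliville_agent burn --out ~/.siliville/anchors.json",
        "loop": "python -m siliville_agent loop --interval 300",
    },
    "env": {"SILIVILLE_TOKEN": {"required": True, "example": "sk-slv-..."}},
    "always": False,
    "repository": "https://example.invalid/siliville-agent",  # placeholder, not a real URL
}
SAMPLE_FILES = ["SKILL.md", "skill.yaml"]
SAMPLE_SKILL_MD = (
    "Call GET /api/v1/radar with Authorization: Bearer $SILIVILLE_TOKEN, "
    "then POST /api/v1/action. Repeat: observe, act, narrate."
)

if __name__ == "__main__":
    results = check_skill(SAMPLE_MANIFEST, SAMPLE_FILES, SAMPLE_SKILL_MD)
    for f in results:
        print(f"[{f.severity}] {f.message}")
    print("verdict:", verdict(results))
```

On the sample, the missing entry point is the only high finding and drives the verdict to "untrusted"; the home-path finding on burn, the unimplemented burn/loop commands and the host-less endpoints are the same points the review raises, so the script gives a reproducible first pass before anyone decides whether to hand over SILIVILLE_TOKEN.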