Skill v1.0.0

ClawScan security

Social Proof Collector · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Review: Mar 13, 2026, 4:39 PM
Verdict: Review
Confidence: high
Model: gpt-5-mini
Summary
The skill's stated purpose (collecting reviews) matches its instructions, but the runtime instructions ask for web scraping of multiple platforms and an external Brave Search API without declaring any required credentials or endpoints, which is inconsistent and raises privacy/ToS concerns.
Guidance
This skill's goal (gathering and formatting reviews) is plausible, but the instructions expect access to many review platforms and to the 'Brave Search API' while the package declares no credentials or endpoints. Before installing or using it, ask the author:
1. How will the skill obtain legitimate API access (Brave, Google Business, Yelp, Facebook)? Request explicit env var names and OAuth flows; do not provide credentials until you verify them.
2. Confirm whether it uses official APIs (recommended) or scrapes HTML; scraping can violate site Terms of Service and expose you to IP blocking or legal risk.
3. Where will alerts and scraped data be sent and stored? Ensure destinations are trustworthy and that PII (reviewer names, identifiers) is handled per privacy rules.
4. Ask for its rate-limit and robots.txt behavior and for safeguards against collecting more data than needed.
If the author cannot clarify these points, treat this skill as risky and avoid giving it access to real credentials or sensitive data.

Review Dimensions

Purpose & Capability
concern: The name and description (collect/reformat reviews) align with the SKILL.md. However, the SKILL.md requires scraping platforms that commonly need API access or authorization (Google Business Profile, Facebook, Yelp, etc.) and explicitly names the 'Brave Search API' as required, yet the skill metadata declares no required environment variables, credentials, or config paths. This mismatch (declared zero credentials vs. instructions that need API access or auth) is incoherent.
Instruction Scope
concern: Runtime instructions explicitly direct collecting reviewer names, star ratings, text, and dates across many sites and 'monitoring' for new reviews. They give no guidance on using official APIs vs. scraping, do not mention respecting robots.txt or rate limits, and do not specify where alerts are sent or how credentials are obtained. The instructions are open-ended and could lead to broad web access and collection of personal data without safeguards.
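The safeguards this dimension says are missing (honouring robots.txt, throttling to the host's crawl delay, and collecting only the fields the purpose needs) can be shown concretely. The following is an added example written for this page, not code from the Social Proof Collector skill or from ClawHub. The robots.txt, the sample review records, the reviewer-host URLs and the user-agent string are all constructed for the example; the collector takes an injectable fetch function and clock so it runs offline and the demo never waits.

```python
import hashlib
import hmac
import time
from urllib.robotparser import RobotFileParser

USER_AGENT = "social-proof-collector/1.0"  # assumed identifier, not the skill's real one

# Constructed robots.txt for a fictional review host; real hosts differ.
ROBOTS_TXT = """\
User-agent: *
Allow: /biz/
Disallow: /private-reviews/
Crawl-delay: 5
"""

# Constructed records standing in for what an official API would return.
# One URL is deliberately under a Disallow path to show it being skipped.
SAMPLE_PAGES = {
    "https://reviews.example/biz/acme": [
        {"reviewer_name": "Dana R.", "reviewer_id": "u-1029", "rating": 5,
         "text": "Great service.", "date": "2026-03-10"},
        {"reviewer_name": "Lee K.", "reviewer_id": "u-7781", "rating": 2,
         "text": "Slow reply.", "date": "2026-03-12"},
    ],
    "https://reviews.example/biz/acme?page=2": [
        {"reviewer_name": "Sam T.", "reviewer_id": "u-4410", "rating": 4,
         "text": "Good value.", "date": "2026-03-13"},
    ],
    "https://reviews.example/private-reviews/acme": [
        {"reviewer_name": "Pat Q.", "reviewer_id": "u-3", "rating": 1,
         "text": "should never be collected", "date": "2026-03-13"},
    ],
}

KEEP_FIELDS = ("rating", "text", "date")  # all that "collect and reformat reviews" needs


def load_robots(robots_txt):
    """Parse a robots.txt body without fetching it (RobotFileParser.parse)."""
    rp = RobotFileParser()
    rp.parse(robots_txt.splitlines())
    return rp


def minimise(record, salt):
    """Drop reviewer name and platform user ID; keep a keyed hash instead so
    new reviews can still be deduplicated without storing identities."""
    ident = f"{record.get('reviewer_id', '')}|{record.get('reviewer_name', '')}"
    out = {k: record[k] for k in KEEP_FIELDS if k in record}
    out["reviewer_ref"] = hmac.new(salt, ident.encode(), hashlib.sha256).hexdigest()[:16]
    return out


class PoliteCollector:
    def __init__(self, robots, fetch, salt, clock=time.monotonic, sleep=time.sleep):
        self.robots = robots
        self.fetch = fetch          # url -> list of raw records
        self.salt = salt            # per-deployment secret for reviewer_ref
        self.clock, self.sleep = clock, sleep
        self.delay = robots.crawl_delay(USER_AGENT) or 1  # seconds between requests
        self.last_request = None
        self.skipped = []

    def _throttle(self):
        if self.last_request is not None:
            wait = self.delay - (self.clock() - self.last_request)
            if wait > 0:
                self.sleep(wait)
        self.last_request = self.clock()

    def collect(self, urls):
        results = []
        for url in urls:
            if not self.robots.can_fetch(USER_AGENT, url):
                self.skipped.append(url)   # honour Disallow rather than scrape anyway
                continue
            self._throttle()
            results.extend(minimise(raw, self.salt) for raw in self.fetch(url))
        return results


class FakeClock:
    """Deterministic clock so the demo (and tests) do not actually sleep."""
    def __init__(self):
        self.t = 0.0

    def now(self):
        return self.t

    def sleep(self, seconds):
        self.t += seconds


def run_demo():
    clock = FakeClock()
    collector = PoliteCollector(load_robots(ROBOTS_TXT),
                                fetch=lambda u: SAMPLE_PAGES.get(u, []),
                                salt=b"per-deployment-secret",
                                clock=clock.now, sleep=clock.sleep)
    reviews = collector.collect(sorted(SAMPLE_PAGES))
    return reviews, collector.skipped, clock.t


if __name__ == "__main__":
    reviews, skipped, elapsed = run_demo()
    print(f"{len(reviews)} reviews kept, {len(skipped)} URL(s) skipped, {elapsed:.0f}s of crawl delay")
```

For a real run, pass a fetch function that calls the platform's official API and leave `clock` and `sleep` at their `time` defaults; the point of the example is that robots handling, throttling and field minimisation are decisions the skill's instructions should state, not leave to whatever the agent improvises.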
Install Mechanism
ok: No install spec and no code files are present; this lowers installation risk because nothing new will be written to disk by an installer. The security surface is the SKILL.md itself.
Credentials
concern: The SKILL.md lists a required 'Brave Search API' and suggests optional notification channels and web search capability, but the skill metadata requests no environment variables or primary credential. Also, platforms listed typically require API keys or OAuth tokens; the skill does not declare or justify any such credentials, nor does it explain how credentials would be provided, stored, or rotated. Collecting reviewer names and other identifiers is also sensitive and should be justified and scoped.
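The core finding under both Purpose & Capability and Credentials is a consistency gap: the instructions name services that need API access while the metadata declares nothing. That gap can be checked mechanically before installing. The following is an added example written for this page, not ClawHub's scanner and not the skill's own code. The SKILL.md excerpt is constructed to mirror what this review describes, the metadata layout (a dict with 'env', 'credentials' and 'config_paths' keys) is an assumption since the real ClawHub schema is not shown here, and the list of auth-gated platforms and the suggested env var names are likewise assumptions.

```python
import re

# Constructed SKILL.md excerpt modelled on this review's findings (not the real file).
SKILL_MD = """\
# Social Proof Collector
Collect customer reviews from Google Business Profile, Yelp, Facebook and
Trustpilot, then reformat them for the website.
Required: Brave Search API for finding new review pages.
Optional: Slack or email notification channel for alerts.
Monitor each platform daily and capture reviewer name, star rating, review text
and date. Alert when a new review appears.
"""

# Constructed metadata as the package declares it: no credentials at all.
# The key names are an assumed layout, not ClawHub's documented schema.
METADATA = {
    "name": "social-proof-collector",
    "version": "1.0.0",
    "always": False,
    "env": [],           # required environment variables
    "credentials": [],   # primary credential / OAuth grants
    "config_paths": [],
}

# What a coherent declaration for the same SKILL.md could look like (assumed names).
METADATA_DECLARED = dict(METADATA, env=[
    "BRAVE_SEARCH_API_KEY", "GOOGLE_BUSINESS_OAUTH_TOKEN",
    "YELP_API_KEY", "FACEBOOK_PAGE_TOKEN",
])

# Platforms that normally require an API key or OAuth grant (assumption; extend as needed).
AUTH_GATED_PLATFORMS = ("Google Business Profile", "Yelp", "Facebook")
SAFEGUARD_TERMS = ("robots.txt", "rate limit", "rate-limit", "backoff")
PII_TERMS = ("reviewer name", "reviewer id", "profile url", "phone")
HANDLING_TERMS = ("retention", "privacy", "redact", "anonymi", "pseudonym")

# "<one to three capitalised words> API", e.g. "Brave Search API".
API_MENTION = re.compile(r"\b((?:[A-Z]\w*\s){1,3})API\b")


def external_services(skill_md):
    """Services the instructions expect access to: explicit 'X API' mentions
    plus any named platform from the auth-gated list."""
    found = {m.group(1).strip() + " API" for m in API_MENTION.finditer(skill_md)}
    found |= {p for p in AUTH_GATED_PLATFORMS if p.lower() in skill_md.lower()}
    return sorted(found)


def declared_secrets(meta):
    """Lower-cased names of every env var or credential the metadata requests."""
    return [s.lower() for s in meta.get("env", []) + meta.get("credentials", [])]


def check_skill(skill_md, meta):
    """Return (code, detail) findings; an empty list means the instructions and
    the declared metadata are consistent for the properties checked here."""
    text = skill_md.lower()
    declared = declared_secrets(meta)
    findings = []

    # 1. Each service the instructions rely on needs a declared secret whose name
    #    mentions that service. Crude matching, but it catches "declared nothing".
    for svc in external_services(skill_md):
        head = svc.split()[0].lower()
        if not any(head in d for d in declared):
            findings.append(("undeclared_access", svc))

    # 2. Open-ended collecting/monitoring with no stated robots.txt or rate-limit behaviour.
    if any(w in text for w in ("monitor", "collect", "scrape")) \
            and not any(t in text for t in SAFEGUARD_TERMS):
        findings.append(("no_scraping_safeguards", "no robots.txt or rate-limit guidance in SKILL.md"))

    # 3. Personal data named as a collection target without any handling rule.
    for term in PII_TERMS:
        if term in text and not any(h in text for h in HANDLING_TERMS):
            findings.append(("pii_without_handling", term))

    return findings


if __name__ == "__main__":
    for code, detail in check_skill(SKILL_MD, METADATA):
        print(f"{code}: {detail}")
```

Run against the declared-nothing metadata, the check reports every platform and the Brave Search API as undeclared access, flags the missing scraping safeguards, and flags reviewer names collected with no handling rule; with the assumed env var names declared, the undeclared-access findings disappear while the other two remain, which matches the review's point that the credential gap and the missing safeguards are separate problems.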
Persistence & Privilege
ok: The 'always' flag is false and there are no config paths or install actions that persist or modify other skill/system settings. The skill does not request elevated or permanent platform privileges in its metadata.