Skill v1.0.1
ClawScan security
Donotify Voice Call Reminder · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 18, 2026, 4:24 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's requirements and runtime instructions align with its stated purpose (sending/scheduling voice call reminders via DoNotify); nothing requested or instructed appears disproportionate or unrelated.
- Guidance: This skill appears coherent for calling/scheduling reminders via DoNotify. Before installing or using it: (1) only provide DONOTIFY_API_TOKEN to this skill and keep it secret; (2) verify DONOTIFY_URL is the official DoNotify domain (default is https://donotifys.com) so your token isn't sent to an unexpected server; (3) confirm the token's scope/minimum privileges with the DoNotify service; and (4) if you want extra assurance, check the DoNotify project/repository and publisher to validate authenticity before supplying credentials.
Review Dimensions
- Purpose & Capability (ok): Name/description (voice call reminders via DoNotify) match the declared requirements: an API token and a base URL plus outbound network permission. Those are exactly what a remote-notification integration would need.
- Instruction Scope (ok): SKILL.md confines behavior to three API interactions (usage, call-now, reminders) using the declared env vars. It does not instruct the agent to read local files, other environment variables, or contact third-party endpoints outside the configured DONOTIFY_URL.
- Install Mechanism (ok): Instruction-only skill with no install spec and no code files to write or execute; lowest-risk install posture. package.json exists but contains only metadata and a repository URL.
- Credentials (note): Only DONOTIFY_API_TOKEN and DONOTIFY_URL are required, which is proportionate. Caution: DONOTIFY_URL is a configurable base URL — if set to an attacker-controlled host, the token could be sent to that host. Verify the URL points to the legitimate DoNotify service (default provided) and treat the API token as a secret with minimal scope.
- Persistence & Privilege (ok): Skill is not always:true, does not request elevated or persistent system privileges, and does not modify other skills' configs. Autonomous invocation is allowed (platform default) but not combined with other concerning privileges.
