Nyne Enrichment
PassAudited by ClawScan on May 1, 2026.
Overview
This is a transparent Nyne API lookup skill, but it uses API credentials and can send/search for detailed personal contact and social data, so it should be used only with appropriate authorization.
Before installing, confirm you are comfortable sharing lookup identifiers with Nyne and receiving detailed personal contact/social data through the agent. Keep the API key restricted, avoid printing or logging secrets, use the optional newsfeed/deep-search features only when needed, and delete temporary result files after use.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent or terminal session may handle credentials that can access the user's Nyne account and consume API credits; partial secret output could also appear in logs or transcripts.
The skill requires provider credentials and even suggests printing partial key/secret prefixes for verification. This is expected for a Nyne API integration, but it is sensitive credential handling and is under-declared by the registry metadata.
**Required environment variables:**
- `NYNE_API_KEY` — your Nyne API key
- `NYNE_API_SECRET` — your Nyne API secret
...
echo "Key: ${NYNE_API_KEY:0:8}... Secret: ${NYNE_API_SECRET:0:6}..."Use a restricted Nyne key if available, avoid pasting secrets into chat, prefer `test -n "$NYNE_API_KEY"` style checks instead of echoing secret prefixes, and declare the credential requirement in metadata.
Lookup identifiers and returned personal contact/social data may pass through Nyne, the agent context, and any logs or transcripts created during use.
The skill sends person identifiers to an external provider and returns detailed personal/profile information. This is the disclosed purpose, but it is a sensitive external data flow.
Enrich any person by email, phone, LinkedIn URL, or name. Returns contact info, social profiles, work history, education, and optional social media posts.
Use the skill only for appropriate and authorized lookups, avoid unnecessary newsfeed/deep-search requests, and do not submit sensitive identifiers unless the user intends to share them with Nyne.
Enriched personal data may remain on disk after the task and could be exposed on shared or poorly secured systems.
The examples store enrichment responses in a predictable temporary file. Those responses can contain personal contact and profile data, and the artifact does not mention cleanup.
| nyne_parse > /tmp/nyne_enrich.json ... jq '.data.result' /tmp/nyne_enrich.json
Use a secure temporary file or working directory, delete `/tmp/nyne_enrich.json` after use, and avoid storing enriched results longer than necessary.