Skill v1.0.2

ClawScan security

Starling Home Hub (Nest/Google Home) · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 12, 2026, 5:16 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's requirements and included script align with its stated purpose (controlling a local Starling Home Hub); nothing requested or instructed is disproportionate or unrelated.
Guidance
This skill appears coherent and implements a local Starling Home Hub client via an included Bash script. Before installing:
(1) only provide STARLING_API_KEY and the hub IP — treat that key as sensitive and create a least-privilege/read-only key if possible;
(2) avoid passing the key with --key (visible in process lists); use the STARLING_API_KEY env var instead;
(3) prefer supplying --cacert to pin the hub certificate rather than accepting -k (curl -k disables TLS verification and is acceptable only on a fully trusted local network);
(4) never port-forward the hub ports to the internet;
(5) snapshots are written with owner-only permissions by the script but still handle them carefully;
(6) inspect scripts you run locally (scripts/starling.sh is included and readable) and ensure you trust the source before giving the agent access to your hub credentials.
If you plan to allow autonomous agent actions, be aware the agent could issue commands to your hub while it has access to the API key — consider limiting the skill's use or the key's permissions accordingly.

Review Dimensions

Purpose & Capability
ok
The name/description are consistent with the actual artifacts: SKILL.md documents a local REST API integration and the included script (scripts/starling.sh) implements calls to that API. Required inputs (HUB IP and API key) are exactly what a local Starling Developer Connect integration needs; no unrelated credentials, binaries, or config paths are requested.
Instruction Scope
ok
Runtime instructions are limited to setting STARLING_HUB_IP and STARLING_API_KEY and invoking the provided script. The SKILL.md and script only reference the hub API, snapshot files the user requests, and standard tooling (curl, optional jq). The script warns against passing keys on the command line and recommends secure handling; it does not read arbitrary system files or exfiltrate data to third parties.
Install Mechanism
ok
There is no install spec (instruction-only) and the repository only includes a single Bash wrapper script and API reference. Nothing is downloaded from external URLs or installed automatically, so no unexpected install-time code is introduced.
Credentials
ok
Only two environment variables are required: STARLING_HUB_IP (non-secret) and STARLING_API_KEY (secret). Both are necessary and appropriate for accessing the local hub. The SKILL.md and script use only these variables.
Persistence & Privilege
ok
always:false and the skill is user-invocable (default). It does not request permanent presence, modify other skills, or access unrelated system configs. Note: autonomous model invocation is enabled by default (disable-model-invocation:false) but this is normal and not combined with other concerning flags.