v1.0.3

Zernio API

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 8:02 AM.

Analysis

This is a coherent documentation-only API reference, but using it with real credentials can connect social accounts, publish posts, and send webhook data.

GuidanceThis skill appears safe as a documentation-only API reference. Before installing or using it with real credentials, verify that you trust the Zernio source, keep API keys and OAuth connections tightly controlled, and require explicit approval before publishing, deleting, bulk-uploading, or configuring webhooks on live social accounts.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation

SeverityLowConfidenceHighStatusNote

rules/posts.md

`publishNow: true` // Publish immediately; endpoints include `POST /v1/posts/bulk-upload`, `PUT /v1/posts/{postId}`, `DELETE /v1/posts/{postId}`.

The skill documents API calls that can immediately publish, bulk-create, update, or delete posts. This is aligned with a social scheduling API, but these are high-impact actions if executed with real credentials.

User impactIf the examples are run with a real API key, they can publish or change content on connected social accounts.

RecommendationRequire explicit confirmation before posting, deleting, retrying, or bulk-uploading content, and verify the target accounts, platforms, and content before sending requests.

Agentic Supply Chain Vulnerabilities

SeverityInfoConfidenceHighStatusNote

metadata

Source: unknown; Homepage: none

The registry metadata does not independently identify a source or homepage for a skill presented as an official API reference. There is no code or install payload, so this is a provenance note rather than a behavior concern.

User impactUsers may need to verify the publisher before trusting the docs with real API keys or social account connections.

RecommendationConfirm the skill and API documentation through Zernio's official channels before using production credentials.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse

SeverityMediumConfidenceHighStatusNote

rules/connect.md

`GET /v1/connect/{platform}` Start OAuth flow; `POST /v1/connect/bluesky/credentials`; `The Late bot must already be added as admin in your channel/group.`

The documentation covers OAuth, app-password, and Telegram admin-bot connection flows. These are expected for a cross-platform scheduler, but they delegate meaningful account or channel privileges.

User impactAPI keys, OAuth connections, app passwords, or bot admin access may allow Zernio to post through or manage connected social accounts.

RecommendationUse revocable credentials, verify the Telegram bot identity before granting admin rights, limit scopes where possible, and disconnect accounts or rotate keys when access is no longer needed.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication

SeverityLowConfidenceHighStatusNote

rules/webhooks.md

`url`: `https://your-server.com/webhooks/zernio`, `secret`: `your_webhook_secret`; event `message.received` = New DM/message received.

Webhook configuration can send post, account, and message-related events to a user-specified server. The docs include signature verification, so the flow is disclosed, but it can carry sensitive social/account data.

User impactA webhook receiver may see post contents, account status changes, failures, and supported direct-message events.

RecommendationUse HTTPS webhook endpoints, keep webhook secrets private, verify signatures, and avoid sending message events to endpoints you do not control.