Vajra
ReviewAudited by ClawScan on May 1, 2026.
Overview
This skill is coherent and disclosed, but it sends submitted content to Vajra and creates cached/public analysis reports, so users should avoid private material.
This appears safe to install for public-content fact checking. Before using it, make sure you are comfortable sending the submitted URL or text to Vajra, and do not submit private, proprietary, or personally identifying material unless you accept the public permalink and server-side caching behavior.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If a user submits private, proprietary, or personally identifying text, the resulting analysis may leave their control and be available through a public permalink.
The skill clearly discloses that submitted content is sent to an external provider and that analysis outputs may be cached and publicly accessible.
Content you submit (URLs, text) is transmitted to Vajra's servers for analysis. ... Analyzed content is cached server-side. ... Every analysis generates a public permalink
Use the skill only for public or non-sensitive content unless the user explicitly accepts Vajra's caching and public-link behavior.
The agent can use the configured Vajra account and consume available analysis credits when running the skill.
The skill requires a Vajra API key and uses it to authenticate requests to the Vajra API, which is expected for this service integration.
"requires": { "env": ["VAJRA_API_KEY"] } ... Authorization: Bearer $VAJRA_API_KEYConfigure only the intended Vajra API key, monitor credit usage, and rotate or remove the key if the skill is no longer needed.