Skill v1.0.0

ClawScan security

PracticePanther API MCP · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Mar 10, 2026, 9:48 PM
Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary
The skill's runtime instructions are narrowly scoped and require mcporter + a practicepanther-mcp binary, but the declared environment requirements don't explain how it will access PracticePanther (no API credentials) and there is no install/source information — this mismatch warrants caution.
Guidance
Before installing or running this skill:
1) Verify the provenance of the practicepanther-mcp binary (inspect the npm package @mjquinlan2000/practicepanther-mcp source and maintainer).
2) Ask the publisher how PracticePanther API credentials are supplied and stored — do not assume they are unnecessary; you should never provide your PracticePanther API key unless you understand where it will be stored and used.
3) Treat NODE_MCP_SECRET_KEY as sensitive — confirm it is only used locally and not exfiltrated.
4) Prefer installing from trusted package registries and reviewing package code (or running in an isolated environment) before granting network access.
5) If the publisher cannot explain where PracticePanther credentials live or provide a verifiable source/homepage, consider this skill suspicious and avoid installing it.

Review Dimensions

Purpose & Capability
concern · The skill claims to expose the PracticePanther REST API as read-only MCP tools, which reasonably implies the server will need PracticePanther API credentials. However, requires.env lists only NODE_MCP_SECRET_KEY (presumably an MCP auth secret) and no PracticePanther API key/token. It's unclear how the MCP server will authenticate to PracticePanther or where those credentials are supplied. That missing linkage is an unexplained inconsistency.
Instruction Scope
ok · SKILL.md contains only concise usage instructions for mcporter (list/call) and a link to an npm package. It does not instruct the agent to read unrelated files, environment variables, or system paths, nor to transmit data to unexpected endpoints. The runtime instructions themselves stay within the declared MCP usage boundary.
Install Mechanism
note · This is an instruction-only skill with no install spec and no code files. That limits what was statically analyzable (the scanner had nothing to inspect). The SKILL.md points to an npm package but does not provide an install step; the user must obtain the required 'practicepanther-mcp' binary themselves. That lack of provenance increases risk because the binary could come from an untrusted source.
Credentials
concern · Only NODE_MCP_SECRET_KEY is declared as required. An MCP server secret is plausible, but a tool that proxies PracticePanther's API would normally require PracticePanther credentials (API key/token) or document where those are provided. The absence of declared PracticePanther credentials or config paths is disproportionate to the stated purpose and leaves unanswered how external API auth is handled.
Persistence & Privilege
ok · The skill does not request always:true, does not claim to modify other skills or system settings, and declares no config paths. It appears to have normal, ephemeral privileges consistent with an optional MCP helper.