Pub Proactive
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This looks like a documented API gateway skill, but it gives agents access to a broad external model service that can include message sending, scraping, and provider-routed data processing.
Install only if you trust SkillBoss/HeyBossAI with the data you send through it. Protect the API key, review provider/routing policies, and require explicit approval before any email, SMS, batch notification, scraping, or paid high-volume request.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An agent using this skill could send emails or SMS messages if the API key permits it.
The skill exposes outward-facing email and SMS sending capabilities, including batch actions. This is disclosed and aligned with the advertised API hub, but these actions can affect other people and should require explicit user approval.
`email/send` | Send single email ... `email/batch` | Send batch emails ... `prelude/notify-batch` | Batch SMS notifications
Confirm recipients, message content, and cost before allowing email, SMS, or batch notification calls.
Anyone or any agent with this key may be able to use the paid or privileged SkillBoss capabilities enabled on the account.
The skill requires a bearer API key that can access many provider-backed capabilities through one gateway. This is expected for the service, but it is a broad delegated credential.
requires":{"env":["SKILLBOSS_API_KEY"]} ... One API key, 50+ models across providersUse a scoped or limited key if available, monitor usage, and do not expose SKILLBOSS_API_KEY in logs, chats, or shared files.
Sensitive content submitted through the skill may leave the local environment and be processed by the gateway and selected model provider.
The skill routes requests through an external gateway and may use different downstream providers. This is disclosed, but users should understand where sensitive prompts, files, or audio may be processed.
50+ models across providers (Bedrock, OpenAI, Vertex, ElevenLabs, Replicate, Minimax, and more) ... smart routing to auto-select
Avoid sending confidential data unless the provider terms, routing behavior, and retention policies are acceptable; choose a specific model/provider for sensitive tasks where possible.
If a user downloads or runs a separate run.mjs from an unknown source, that code would not have been reviewed as part of this skill.
Some documentation references a run.mjs helper, but the supplied artifact set has no code files or install spec for that helper. This appears to be example documentation, not automatic execution, but the helper is not reviewable here.
run.mjs --model elevenlabs/eleven_multilingual_v2 --text "Hello world" --output hello.mp3
Prefer the documented curl/API examples or only run helper scripts obtained from a trusted, verified source.