Skill v1.0.1
ClawScan security
ragora · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 11, 2026, 9:03 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's requests and runtime instructions align with its stated purpose (using Ragora via MCP or REST) and only ask for the single, expected API key; nothing in the skill attempts to access unrelated credentials, modify system state, or install arbitrary code.
- Guidance: This skill is coherent and asks only for a Ragora API key. Before installing: ensure the RAGORA_API_KEY you provide is for the account you expect and has appropriate scope, store it in a secret manager (not in plaintext), and monitor billing/credits for pay-per-use marketplace collections. Remember that using this skill will send user queries and retrieved content to Ragora endpoints (mcp.ragora.app / api.ragora.app), so avoid sending sensitive secrets or private data to be searched unless you trust the service and have appropriate data-handling agreements. Rotate keys if you stop using the skill and review access logs on your Ragora account if available.
Review Dimensions
- Purpose & Capability (ok): Name/description match the requested resources and behavior. The skill only declares RAGORA_API_KEY as required and documents MCP/REST endpoints consistent with Ragora integration; there are no unrelated credentials, binaries, or config paths requested.
- Instruction Scope (ok): SKILL.md instructs the agent to use Ragora MCP tools and REST endpoints (health checks, collections, search, billing) and to include source attribution and error handling. It does not instruct reading local files, scanning unrelated env vars, or sending data to endpoints outside the Ragora domains documented (mcp.ragora.app, api.ragora.app, ragora.app). It also explicitly warns not to print API keys.
- Install Mechanism (ok): No install specification or downloaded code — instruction-only skill. This minimizes disk/write risk and there are no external archives or installer URLs to inspect.
- Credentials (ok): Only one environment secret (RAGORA_API_KEY) is required, which is proportional and expected for an API-backed knowledge-base integration. The SKILL.md does not attempt to access other environment variables or unrelated credentials.
- Persistence & Privilege (ok): Skill is not always-enabled, does not request system-wide changes, and is instruction-only (no code that would persist or modify other skills). The default agent autonomy (disable-model-invocation=false) is unchanged and expected for skills.
