Skill v1.0.0
ClawScan security
Second Phone Number · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 20, 2026, 9:55 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's files, instructions, and requested access are consistent with providing a virtual second phone number via the PollyReach API; it asks only for a locally stored token and contacts pollyreach.ai endpoints as expected.
- Guidance: This skill appears internally consistent for integrating with PollyReach. Before installing, verify you trust pollyreach.ai (the skill will store and use a bearer token that grants access to your PollyReach account and billing). The token is saved in plaintext at ~/.config/PollyReach/key.json by the workflow; protect that file and revoke the token if you uninstall the skill. Confirm the activation link and domain are legitimate, and review PollyReach's privacy/billing policies (call recording, transcriptions, and outbound call costs). If you have organizational security requirements, consider using a scoped service token, storing it in a secure secret store rather than a world-readable file, and auditing network access logs for unexpected endpoints.
Review Dimensions
- Purpose & Capability (ok): Name/description align with behavior: the scripts register/check/activate an account, send outbound tasks, poll results, check balance, read inbound messages, and update answering prompts via https://api.pollyreach.ai and https://agent.pollyreach.ai. Required binaries (curl, jq, bc) are justified by the network/API-based functionality.
- Instruction Scope (ok): SKILL.md instructs the agent to run the provided scripts and to save a token in ~/.config/PollyReach/key.json. The scripts only read that file and communicate with pollyreach.ai endpoints. They do not attempt to read unrelated files, enumerate system state beyond the token file, or transmit data to unexpected domains.
- Install Mechanism (ok): This is an instruction-only skill with bundled scripts and no install spec. Dependency install guidance for jq (brew/apt) is appropriate. There are no downloads from arbitrary URLs and no archive extraction or third-party package installs.
- Credentials (ok): No secrets are requested from the registry metadata; the skill relies on a single locally stored token file (~/.config/PollyReach/key.json) which is proportional to a service client. Scripts accept an optional POLLYREACH_KEY_FILE override, which is reasonable. There are no unrelated credential requirements.
- Persistence & Privilege (ok): always is false and the skill does not request elevated or persistent system privileges. It does not modify other skills or system-wide configs and only stores the service token in a dedicated config path.
