Skill v1.0.0

ClawScan security

deso-research · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 11, 2026, 9:44 AM
Verdict
benign
Confidence
medium
Model
gpt-5-mini
Summary
The skill is internally coherent: it declares and uses the deso-ag CLI (installed via npm), and the optional environment variables it documents map directly to the networks it claims to unlock.
Guidance
This skill appears to do what it says: it runs the deso-ag CLI to collect and analyze posts from decentralized social networks. Before installing or enabling it:
1. Verify the npm package 'deso-ag' on npmjs.org: check the publisher, package version, README, and linked repository.
2. Review the package source before running npm install -g, or run the install in a disposable container. npm lifecycle scripts (preinstall, install, postinstall) execute arbitrary code at install time; npm pack downloads the published tarball without running them, so you can inspect it first, and npm install --ignore-scripts installs without executing them.
3. Only set the optional keys (NEYNAR_API_KEY, BLUESKY_IDENTIFIER, BLUESKY_APP_PASSWORD) if you trust the provider and understand that they grant access to those networks. For Bluesky, use a dedicated app password rather than your account password, so it can be revoked on its own.
4. Be aware that the tool fetches public posts, which may contain personal data or links, and presents them to the agent; do not provide additional secrets unless required.
If you want higher assurance, ask the skill author for the package repository link, or request that the skill pin an exact package version together with the published tarball's integrity hash (or a specific git commit) before installing.

Review Dimensions

Purpose & Capability
ok · The skill's name and description match its requirements and actions: it requires the deso-ag CLI and instructs the agent to run deso-ag commands to search, trend, and term-extract across Farcaster, Lens, Nostr, and Bluesky. No unrelated binaries, env vars, or config paths are required.
Instruction Scope
ok · SKILL.md contains concrete deso-ag commands and guidance for parsing compact/json output for analysis; it does not instruct the agent to read arbitrary system files, exfiltrate data to unknown endpoints, or access unrelated credentials. It explicitly advises not to dump raw JSON and to inform the user which networks are available based on the env vars that are set.
Install Mechanism
note · The skill installs a public npm package (deso-ag) as a global binary with npm install -g. That is a normal mechanism for a CLI but carries the usual npm risks: lifecycle scripts (preinstall, install, postinstall) run arbitrary code during installation, and the package source and maintainer cannot be determined from the SKILL metadata alone. Verify the package maintainer, review the package repository or the published tarball, and install in an isolated environment if you intend to run npm install -g.
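The pre-install checks recommended in the Guidance (steps 1, 2 and the pinning request) and in this Install Mechanism note can be scripted. The following is an added example written for this page, not code from ClawHub or the deso-ag project. It assumes two inputs are obtained first with real npm commands, neither of which runs the package's own scripts: `npm view deso-ag version dist.integrity repository.url maintainers` for the registry's SRI hash, and `npm pack deso-ag`, which writes the published tarball into the current directory. The audit then verifies the tarball against that hash, lists the lifecycle scripts `npm install` would execute, and suggests an exact-version install command. The package manifest and tarball at the bottom are constructed stand-ins (name `sample-cli`, a placeholder repository URL) so the script runs offline; they are not the real deso-ag package.

```python
"""Offline pre-install audit of an npm tarball: SRI check, lifecycle scripts, bin entries.

Added example, not part of the ClawScan page or the deso-ag project. Inputs for a
real audit (both safe to run, neither executes the package's scripts):
    npm view <pkg> version dist.integrity repository.url maintainers
    npm pack <pkg>          # writes <pkg>-<version>.tgz into the current directory
"""
import base64
import hashlib
import hmac
import io
import json
import tarfile

# Scripts npm runs automatically while installing a package.
LIFECYCLE_HOOKS = ("preinstall", "install", "postinstall", "prepare")


def sri_digest(data: bytes, algo: str) -> str:
    """Subresource-Integrity style digest as npm prints it: '<algo>-<base64 of raw hash>'."""
    return algo + "-" + base64.b64encode(hashlib.new(algo, data).digest()).decode()


def verify_integrity(data: bytes, expected_sri: str) -> bool:
    """Compare the downloaded tarball with the registry's dist.integrity value."""
    algo, sep, _ = expected_sri.partition("-")
    if not sep or algo not in ("sha512", "sha256", "sha1"):
        raise ValueError("unsupported or malformed SRI string: %r" % expected_sri)
    # Constant-time comparison; differing lengths simply compare unequal.
    return hmac.compare_digest(sri_digest(data, algo), expected_sri)


def read_package_json(tarball: bytes) -> dict:
    """Extract package.json; npm tarballs keep files under one top-level dir (normally 'package/')."""
    with tarfile.open(fileobj=io.BytesIO(tarball), mode="r:gz") as tar:
        for member in tar.getmembers():
            parts = member.name.split("/")
            if member.isfile() and len(parts) == 2 and parts[1] == "package.json":
                return json.load(tar.extractfile(member))
    raise ValueError("package.json not found in tarball")


def audit_tarball(tarball: bytes, expected_sri: str) -> dict:
    """Collect what a reviewer needs before deciding to run `npm install -g`."""
    pkg = read_package_json(tarball)
    scripts = pkg.get("scripts") or {}
    repo = pkg.get("repository")
    if isinstance(repo, dict):
        repo = repo.get("url")
    return {
        "name": pkg.get("name"),
        "version": pkg.get("version"),
        "repository": repo,                 # compare with the repo the author claims
        "bin": pkg.get("bin"),              # commands a global install puts on PATH
        "integrity_ok": verify_integrity(tarball, expected_sri),
        "lifecycle_scripts": {k: v for k, v in scripts.items() if k in LIFECYCLE_HOOKS},
    }


def install_command(report: dict) -> str:
    """Pin the exact version; skip lifecycle scripts when the package declares any, so they can be read first."""
    spec = "%s@%s" % (report["name"], report["version"])
    if report["lifecycle_scripts"]:
        return "npm install -g --ignore-scripts " + spec
    return "npm install -g " + spec


# ---- constructed sample data so the example runs offline (not the real deso-ag manifest) ----
SAMPLE_PACKAGE_JSON = {
    "name": "sample-cli",
    "version": "0.0.0",
    "bin": {"sample-cli": "bin/cli.js"},
    "repository": {"type": "git", "url": "git+https://example.invalid/placeholder.git"},
    "scripts": {"test": "node test.js", "postinstall": "node scripts/setup.js"},
}


def build_sample_tarball(package_json: dict) -> bytes:
    """Constructed stand-in for `npm pack` output: a gzipped tar with package/package.json."""
    payload = json.dumps(package_json, indent=2).encode()
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        info = tarfile.TarInfo("package/package.json")
        info.size = len(payload)
        tar.addfile(info, io.BytesIO(payload))
    return buf.getvalue()


def demo() -> dict:
    tarball = build_sample_tarball(SAMPLE_PACKAGE_JSON)
    expected = sri_digest(tarball, "sha512")   # stands in for `npm view <pkg> dist.integrity`
    return audit_tarball(tarball, expected)


if __name__ == "__main__":
    report = demo()
    print(json.dumps(report, indent=2))
    print("suggested:", install_command(report))
```

For a real package, replace the constructed tarball with the bytes of the file `npm pack` produced and pass the `dist.integrity` string from `npm view`. A non-empty `lifecycle_scripts` entry is the cue to read those scripts in the unpacked tarball before installing; `--ignore-scripts` lets the install proceed without them, but a package that genuinely needs a postinstall step (native builds, for example) will then be incomplete, so the decision is the reviewer's, not the script's.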
Credentials
ok · No required environment variables are declared. SKILL.md documents three optional env vars (NEYNAR_API_KEY, BLUESKY_IDENTIFIER, BLUESKY_APP_PASSWORD) that map directly to unlocking Farcaster and Bluesky functionality; they are proportional and justified. The skill checks which variables are set and reports which networks it will use. Because BLUESKY_APP_PASSWORD authenticates as your Bluesky account, supply a dedicated app password that can be revoked independently, not the account password.
Persistence & Privilege
ok · The skill does not request always:true, does not declare config paths, and does not modify other skills or system-wide settings. Autonomous invocation is allowed (platform default), but the skill does not request elevated persistence or cross-skill privileges.