Skill v0.1.2

ClawScan security

MangaDex CLI · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 5, 2026, 4:53 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's declared purpose, install steps, and runtime instructions are consistent: it installs and runs an npm-based MangaDex CLI and does not request unrelated credentials or system access.
Guidance
This skill appears to do what it claims, but before installing:
1) verify the npm package @mtsku/mangadex-cli (publisher, repository, and recent downloads/reviews) to reduce supply-chain risk;
2) prefer using tokens over passing username/password on the command line (CLI args can leak via process lists and shell history);
3) check where the CLI stores auth tokens or config files on disk and ensure appropriate permissions;
4) if you want to reduce risk, install or run the package in an isolated environment (container or VM) rather than globally on your primary system.

Review Dimensions

Purpose & Capability
ok: Name/description, required binary (node), and install spec (@mtsku/mangadex-cli -> mangadexcli) align with the listed commands (search, manga/chapter info, feed, auth). Nothing requested appears unrelated to a MangaDex CLI.
Instruction Scope
note: SKILL.md restricts the agent to running mangadexcli commands and basic installation checks. It documents auth flows (client id/secret, username/password, token) but does not instruct the agent to read arbitrary system files or environment variables. It does not say where tokens/credentials are persisted locally—so credential storage behavior is unknown and should be checked before trusting long-lived tokens.
Install Mechanism
note: Installation is via an npm package (@mtsku/mangadex-cli) installed globally (npm install -g). Using the public npm registry is standard but carries the usual supply-chain risk: the package owner/source should be verified before global installation because npm packages run code on install and at runtime.
Credentials
ok: The skill declares no required environment variables or config paths. The documented auth commands accept credentials as CLI args or tokens, which is proportionate to the feature set. However, the skill does not declare where/if those credentials are stored, so you should verify storage location and permissions.
Persistence & Privilege
ok: "always" is false and no system-wide config paths or other skills' configs are modified. The only persistent action implied is a global npm install of the CLI binary, which is expected for a CLI skill.