Skill v1.0.0

ClawScan security

ClawMart Creator · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Feb 16, 2026, 2:39 PM
Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary
The skill's instructions and API usage are coherent with a ClawMart creator tool, but the package metadata omits the CLAWMART_API_KEY requirement and the skill has unknown provenance (no homepage), so there are transparency and provenance concerns you should resolve before installing.
Guidance
This skill appears to do what it says (talk to ClawMart's API to create/update listings) but there are two transparency issues: the SKILL.md requires CLAWMART_API_KEY while the registry metadata does not declare it, and the skill has no listed homepage or verifiable source. Before installing, ask the publisher for provenance (who published it, a homepage or repo), insist the manifest be updated to list CLAWMART_API_KEY as a required credential, and only provide an API key with the least privilege necessary (prefer a dedicated creator key or a key you can easily revoke). Do not paste your key into chat output; follow the guardrail in SKILL.md to avoid exposing it. If possible, test with a sandbox/limited account and rotate/revoke the key after initial use. If the publisher cannot provide provenance or update the metadata, treat the skill as higher risk and avoid installing it.

Review Dimensions

Purpose & Capability
note: The SKILL.md behavior (creating/updating listings via https://www.shopclawmart.com/api/v1/ and requiring a CLAWMART_API_KEY) matches the stated purpose of a ClawMart creator. However, the registry metadata lists no required environment variables or primary credential while the runtime instructions explicitly require CLAWMART_API_KEY: a manifest/metadata mismatch that reduces transparency.
Instruction Scope
ok: The runtime instructions stay within the stated purpose: they describe listing checks, calls to /me, /listings, /listings/{id}/versions, package generation (SOUL.md, MEMORY.md, SKILL.md), and require explicit user confirmation before publishing. They do not instruct reading arbitrary system files or unrelated credentials. The only external dependency is the CLAWMART_API_KEY referenced in SKILL.md (not declared in metadata).
Install Mechanism
ok: This is an instruction-only skill with no install spec and no code files, so nothing is being downloaded or installed. That reduces the attack surface compared with skills that pull remote archives or binaries.
Credentials
concern: The SKILL.md requires a CLAWMART_API_KEY (format cm_live_...) for API calls, which is appropriate for the task. However, the manifest/registry metadata fails to declare that required env var or any primary credential. The missing declaration is a transparency issue: users won't see in advance that a secret is needed. There are no other unexplained secret requests.
Persistence & Privilege
ok: The skill does not request always:true and makes no install-time changes. It is user-invocable and allows normal autonomous invocation (disable-model-invocation=false), which is the platform default; there is no evidence the skill requests elevated or persistent privileges beyond using an API key.