Skill v1.0.2

ClawScan security

Vn Market News Monitor · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Feb 24, 2026, 3:58 PM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill’s stated purpose (monitor Vietnam financial media) matches its instructions, but it references external APIs/variables (Brave API, ACTIVE_WATCHLIST, and prior snapshots) without declaring required credentials, storage, or how those are accessed — an incoherence that should be resolved before trusting it.
Guidance
This skill appears to do what it claims (monitor Vietnamese financial news), but there are important gaps you should address before installing:
1) Ask the publisher to clarify why 'Brave API access' is required, which endpoints are used, and whether an API key or credential is needed — these are not declared in the package.
2) Confirm how 'previous snapshots' are stored/retrieved (agent memory, external storage, or user-provided files) and whether that storage requires credentials or persists outside your control.
3) Clarify how an ACTIVE_WATCHLIST is supplied (env var, explicit parameter, or file) and whether providing it would expose sensitive data.
4) Request explicit declarations of any environment variables or secrets the skill needs and a data-handling statement describing what is fetched, logged, or transmitted.
If the publisher updates the manifest to list required credentials and storage paths and documents the Brave API usage, the incoherence would be resolved and the skill would look much safer. In the meantime, avoid supplying unknown API keys or persistent secrets to this skill.

Review Dimensions

Purpose & Capability
ok
Name, description, and runtime instructions are consistent: the skill fetches headlines from listed Vietnamese financial sites and derives sector/ticker narratives. No unrelated capabilities (cloud/deployment/etc.) are requested.
Instruction Scope
note
Instructions are specific about fetching, de-duplicating, tagging, and confidence rules. However, they reference comparing with a 'previous snapshot' and accepting an 'ACTIVE_WATCHLIST' provided by the user without specifying where snapshots are stored or how a watchlist is supplied. They also require 'Brave API access' in the compatibility header but give no guidance on API endpoints, auth, or why Brave (vs. standard web fetch) is needed.
Install Mechanism
ok
Instruction-only skill with no install spec or code to write to disk. This is low risk from an installation perspective.
Credentials
concern
SKILL.md implies dependency on the 'Brave API' and on an 'ACTIVE_WATCHLIST' input, but requires.env lists none and the registry shows no primary credential. That mismatch means required credentials or config may be missing from the manifest (or the instructions assume agent/platform-provided access). This is disproportionate and unclear.
Persistence & Privilege
ok
always:false and no install or code means the skill does not request persistent system presence or elevated privileges. No indications it modifies other skills or system settings.