Beeper API CLI

Suspicious

Audited by ClawScan on May 10, 2026.

Overview

This Beeper messaging skill is mostly coherent, but it relies on a missing, unreviewed local executable while also handling a broad chat API token and message-sending authority.

Review carefully before installing. The messaging use case is legitimate and the send-approval policy is good, but the actual Beeper executable is missing from the reviewed package and the skill needs a powerful Beeper API token. Only proceed if the executable provenance is clarified and you are comfortable granting access to your connected chats.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Installing or using the skill could hand your Beeper token and messaging actions to an executable that was not available for review in these artifacts.

Why it was flagged

The wrapper delegates all real work to a hardcoded executable that is not included in the supplied file manifest and has no install specification or provenance, despite the skill using chat account credentials and send/read authority.

Skill content

BEEPER_CLI="/Users/ashrafali/clawd/skills/beeper-api-cli/beeper" ... exec "$BEEPER_CLI" "$@"

Recommendation

Do not use until the actual Beeper CLI binary source, install method, checksum or package provenance, and expected path are declared and reviewable.

What this means

An unintended send could message contacts on WhatsApp, Telegram, Signal, Instagram, LinkedIn, Facebook Messenger, or other connected services.

Why it was flagged

The skill exposes message sending across connected chat networks. The approval policy is clear and appropriate, but the capability can have real-world impact if not followed.

Skill content

NEVER SEND ANY MESSAGE WITHOUT EXPLICIT USER APPROVAL ... beeper.sh send --chat-id <chat-id> --message "Your message here"

Recommendation

Require the agent to show the exact message and destination, then wait for your explicit approval before every send.

What this means

The token can allow access to your Beeper Desktop API, including private messages and sending ability for connected accounts.

Why it was flagged

The wrapper requires and uses a Beeper bearer token, while the registry metadata declares no required environment variables and no primary credential.

Skill content

: ${BEEPER_TOKEN:?"BEEPER_TOKEN must be set in environment"} ... curl -s -f -H "Authorization: Bearer ${BEEPER_TOKEN}"

Recommendation

Set the token only in a trusted environment, keep BEEPER_API_URL pointed at localhost or another trusted host, and prefer metadata that explicitly declares the required credential.

What this means

Private chat content may be shown to the agent, and messages from other people could try to influence the agent's behavior.

Why it was flagged

The skill is intended to retrieve chat messages into the agent's context. Those messages may contain private data or third-party text that should be treated as data, not instructions.

Skill content

Get recent messages for context ... Search across all chats

Recommendation

Limit retrieval to chats needed for the task and instruct the agent to ignore instructions found inside retrieved messages unless you confirm them.

What this means

A read or list command can start Beeper Desktop and make the local API available if your token is set.

Why it was flagged

Invoking the wrapper can automatically launch Beeper Desktop if it is not already running. This is aligned with the skill's purpose but may surprise users.

Skill content

if ! is_beeper_running; then ... open -a "Beeper Desktop"

Recommendation

Use the skill only when you expect Beeper Desktop to be opened and the local API to be contacted.