Skill v1.0.0

ClawScan security

HML Google Slides · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Reviewed: Mar 3, 2026, 3:41 AM
Verdict: Review
Confidence: high
Model: gpt-5-mini

Summary: The skill appears to implement Google Slides operations, but it omits and hardcodes sensitive environment/config requirements (gog CLI, gog credentials file, default account and broad Google scopes), which is incoherent and worth caution.

Guidance: This skill will use the 'gog' CLI and your gog-stored OAuth credentials to act on Google Slides and Drive. Before installing, confirm: (1) you trust the skill author and the default account (the code defaults to david@hml.tech unless you set GOG_ACCOUNT); (2) you are comfortable that the script will export and read refresh tokens and client_id/client_secret from ~/.config/gogcli/credentials.json (the skill metadata did not declare this); (3) the recommended re-auth command requests wide Google scopes (gmail, calendar, etc.); only grant scopes you intend. If you proceed, set GOG_ACCOUNT to your own account, inspect ~/.config/gogcli/credentials.json contents and permissions, and consider running the skill in an isolated or throwaway environment. Ask the publisher to update metadata to declare the required 'gog' binary and the config path, and to explain why broad scopes and the hardcoded default account are necessary.

Review Dimensions

Purpose & Capability
Note: The name/description (Google Slides create/edit/export) matches the code and instructions: the script uses the Slides and Drive APIs and the SKILL.md documents expected commands. However, the skill uses the external 'gog' CLI and reads gog's credentials file (~/.config/gogcli/credentials.json) even though the registry metadata declares no required binaries or config paths, a mismatch between declared requirements and actual needs.
Instruction Scope
Concern: SKILL.md instructs running gog commands and a re-auth that requests wide scopes (gmail, calendar, drive, docs, sheets, contacts, tasks, people). The runtime instructions and scripts perform token export via `gog auth tokens export`, read local credential files, and refresh OAuth tokens, actions beyond simply calling Slides APIs. The skill also hardcodes the account 'david@hml.tech' as the default, which is unexpected and could lead to confusion or accidental use of another user's account.
Install Mechanism
OK: No install spec (instruction-only plus a bundled script). That minimizes supply-chain install risk. The script does call the external CLI ('gog') at runtime instead of installing anything itself.
Credentials
Concern: The script reads sensitive local state: it exports tokens to /tmp/gog_slides_token.json and reads ~/.config/gogcli/credentials.json (client_id and client_secret) to refresh OAuth tokens. The registry declared no required env or config paths, yet the code depends on them. SKILL.md also suggests re-authenticating with many Google scopes (including Gmail), which is broader than strictly necessary for Slides/Drive and is disproportionate unless explicitly justified. The default GOG_ACCOUNT value (david@hml.tech) is hardcoded and surprising.
Persistence & Privilege
OK: The skill is not always-enabled and doesn't request special platform-level persistence. It doesn't modify other skills or system-wide settings. It does, however, read and write token data to /tmp and user config, which is normal for OAuth usage but should be noted.