Skill v1.1.2
ClawScan security
Teleskopiq · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 1, 2026, 8:47 PM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill largely matches its stated purpose (managing YouTube scripts via a GraphQL API) but the package metadata and runtime files disagree about required environment variables and origin, which is an incoherence worth investigating before install.
- Guidance: This skill appears to implement what it claims (a Teleskopiq GraphQL client) but there are packaging inconsistencies you should resolve before installing: skill.json and SKILL.md require a secret TELESKOPIQ_API_KEY and list a homepage, yet the registry metadata provided here omitted those. Before use, verify the publisher and homepage (https://teleskopiq.com), confirm you trust that service, and only provide an API key with the least privileges needed. Note there is no automatic installer — the script depends on Python and the requests/websocket-client packages. Review network traffic policy for your environment because the skill will send full script content and prompts to the remote API (this may include sensitive or private information you include in prompts). If you decide to proceed, consider creating a dedicated API key that can be revoked and run the skill in a minimal-privilege environment.
Review Dimensions
- Purpose & Capability (note): The SKILL.md and scripts/teleskopiq.py clearly implement a GraphQL-based client that needs a TELESKOPIQ_API_KEY and optional TELESKOPIQ_ENDPOINT — this is coherent with the skill's description. However, the top-level registry metadata included with the evaluation initially reported "no required env vars" and no homepage, while skill.json and SKILL.md declare TELESKOPIQ_API_KEY (required) and a homepage (https://teleskopiq.com). That discrepancy between registry metadata and the files is an inconsistency that should be resolved.
- Instruction Scope (ok): The SKILL.md instructs only to set the API key/endpoint, use the included CLI, fetch style profiles, write scripts, and call the remote Teleskopiq GraphQL API. The instructions do not ask the agent to read unrelated local files, system credentials, or send data to unexpected endpoints — all network I/O goes to the declared TELESKOPIQ endpoint. The ai-write flow streams AI output from the service (SSE), which is consistent with the described functionality.
- Install Mechanism (note): This is instruction-only (no install spec). skill.json lists Python requirements (requests, websocket-client), but there is no automated install step — meaning the script will fail unless those packages exist. There is no external download from untrusted URLs and no archive extraction, so install risk is low, but the lack of an install spec is a packaging omission to be aware of.
- Credentials (concern): The runtime code and skill.json require a secret TELESKOPIQ_API_KEY (format tsk_...) and optional endpoint, which is appropriate for a remote API client. However, the registry metadata supplied in the evaluation initially listed no required env vars and no primary credential; that mismatch is problematic: users may be unaware this skill needs a secret API key. Verify the registry metadata matches skill.json before trusting the package. Aside from the API key, no other credentials or unrelated env vars are requested.
- Persistence & Privilege (ok): The skill does not request always:true, does not modify other skills, and declares no config paths. It can be invoked by the agent autonomously (disable-model-invocation is false), which is the platform default and appropriate for an API-integration skill. No excessive persistence or cross-skill modification is present.
