Skill v1.0.0
ClawScan security
Job Market Tips · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 18, 2026, 8:14 PM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's purpose (job-market analysis via Apify) matches its instructions, but the metadata omits the obvious credential requirement (Apify API token) and there is no provenance or install code to verify how credentials or data are handled.
- Guidance: This skill appears to be what it says (Apify-based job-market research), but the metadata fails to declare the Apify API token it obviously needs. Before installing or using it:
  1. Ask the publisher how the Apify token is provided, used, and stored (environment variable vs. ephemeral prompt).
  2. Prefer providing a limited-scope or separate Apify account/token you can revoke.
  3. Inspect the referenced GitHub source (https://github.com/g4dr/openclaw-skills) to verify there is no hidden code that exfiltrates tokens or stores data externally.
  4. If the skill requests you paste a token into chat, avoid doing so until you confirm the storage/usage policy.
  5. If you require stronger assurance, request the author update the skill metadata to declare required env vars (e.g., APIFY_TOKEN) and to document retention and network endpoints.
  If the author can demonstrate that credentials are only used transiently to call api.apify.com and not stored or forwarded elsewhere, this would raise confidence to benign.
Review Dimensions
- Purpose & Capability (ok): The name/description and SKILL.md consistently describe job-market research using Apify actors and public job postings. The claimed capabilities (tracking postings, skill extraction, salary benchmarks) align with using Apify crawlers.
- Instruction Scope (note): SKILL.md stays within the advertised domain (collecting and analyzing public job postings) and recommends specific Apify actors. The document explicitly states it only accesses publicly listed information. The instructions do refer to obtaining an Apify API token but do not show runtime commands or any steps that would access unrelated files/credentials in the environment.
- Install Mechanism (ok): Instruction-only skill with no install spec and no code files. That minimizes filesystem and supply-chain risk but also leaves no code to audit. No downloads or third-party packages are declared or executed by the skill itself.
- Credentials (concern): SKILL.md explicitly refers to needing an Apify API token for operation, yet the registry metadata lists no required environment variables or primary credential. This mismatch is material: the skill will practically need a credential or user-provided token to call Apify, but it does not declare how that secret should be supplied or stored. That omission reduces transparency and may hide how and where the token is used or persisted.
- Persistence & Privilege (ok): The always flag is false and there is no install step or code that asks for persistent presence. Autonomous model invocation is enabled (the default), which is normal; there is no evidence the skill modifies other skills or system-wide settings.
