Back to skill
Skillv1.0.1
ClawScan security
Clawdship · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignFeb 23, 2026, 3:18 PM
- Verdict
- Benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill is internally consistent with a static/Docker deployment helper for clawdship.dev; required tools and the single credential match the described purpose, but be aware it prints API keys/billing links and can expose secrets if used carelessly.
- Guidance
- This skill appears to do what it says: package a directory and POST it to clawdship's API. Before installing or running: 1) Treat the returned API key as a secret — avoid passing it on the command line (use CLAWDSHIP_API_KEY env var) because argv can show in process listings. 2) The script prints the API key and billing URL to stdout; those may be captured in agent logs or conversation history — only run this where outputs are private. 3) Don’t include local secrets (env files, keys) in the directory you deploy. 4) The JSON parsing is brittle (grep/sed); if you rely on automation, consider using a safer JSON tool (jq or a small Python snippet). 5) Confirm you trust https://api.clawdship.dev and understand the 7-day trial / billing model (USDC on Base) before authorizing charges. If you need higher assurance, request the skill source be audited or replace the deploy script with an implementation that avoids printing secrets and uses a robust JSON parser.
Review Dimensions
- Purpose & Capability
- okName/description, SKILL.md, and deploy.sh all focus on packaging files and POSTing them to https://api.clawdship.dev. Declared binaries (curl, tar) and the CLAWDSHIP_API_KEY credential are appropriate for this purpose.
- Instruction Scope
- noteInstructions and the script stay within deployment scope (tar the directory, POST archive). The script prints the returned API key and billing URL to stdout — necessary to give the user their key but a potential information-leak risk if agent logs/conversation are stored. The script uses grep/sed to parse JSON (fragile) rather than a JSON parser; this is not malicious but brittle and may fail for complex responses.
- Install Mechanism
- okNo install spec; this is an instruction-only skill with a small helper script. Nothing is downloaded or written to system paths during install.
- Credentials
- noteOnly CLAWDSHIP_API_KEY (and an optional CLAWDSHIP_API base URL) are used — proportional to the stated function. However, the script accepts the API key as a third CLI argument (visible in process listings) and prints API keys to stdout; both increase the risk of accidental credential exposure.
- Persistence & Privilege
- okalways is false and the skill does not request persistent system modifications or access to other skills' configs. It only reads the provided directory and optional environment variables.