Skill v0.4.2

ClawScan security

Maybeai Sheet Skill · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 29, 2026, 3:57 AM

Verdict: benign
Confidence: high
Model: gpt-5-mini

Summary
The skill's files, runtime instructions, and requested credential (MAYBEAI_API_TOKEN) are consistent with a spreadsheet-management integration and do not request unrelated credentials or perform unexpected system access.
Guidance
This skill appears to do what it says: run spreadsheet operations against a MaybeAI backend using your MAYBEAI_API_TOKEN. Before installing or running scripts:
1) Confirm you trust the backend domain (play-be.omnimcp.ai / maybe.ai) and that your token is from the expected MaybeAI account page.
2) Inspect the scripts (they use curl to send files and JSON) and avoid running them with a high-privilege token — use a scoped/test token if possible.
3) Note that some example calls omit an Authorization header (likely public endpoints) — verify which endpoints require auth before uploading sensitive files.
4) Do not run the scripts blindly on production data; test with a non-sensitive sample.xlsx and set DOC_ID explicitly.
If you need higher assurance, ask the skill author for an authoritative API spec or a verified release source (GitHub repo/release) and confirm the backend host names.

Review Dimensions

Purpose & Capability
ok: The name/description (spreadsheet lifecycle via MaybeAI) matches the included scripts and API endpoints. The single required environment variable (MAYBEAI_API_TOKEN) is the expected credential for calling a remote sheet API. The scripts only call spreadsheet-related endpoints and manipulate local sample files for upload.
Instruction Scope
note: Runtime instructions are explicit curl/jq examples that operate on spreadsheets and expect the MAYBEAI_API_TOKEN and (for many scripts) a DOC_ID. Scripts reference a local sample.xlsx and optional helper env vars (DOC_ID, PICTURE_FILE_BASE64, DATA_SHEET, etc.). A few curl calls omit an Authorization header (upload and some reads/exports), which may be intentional (public endpoints) or an oversight — inspect before running. No instructions ask the agent to read unrelated system files or exfiltrate data to third-party endpoints outside the documented MaybeAI domains.
Install Mechanism
ok: This is instruction-only with bundled scripts; there is no installer that downloads or executes arbitrary remote code. The scripts are plain shell/curl/jq examples, so install risk is low. The SKILL.md suggests installing jq via a package manager, which is reasonable.
Credentials
ok: Only MAYBEAI_API_TOKEN is declared as required, and it is used as the Authorization bearer token in most requests. Other env vars (DOC_ID, PICTURE_FILE_BASE64, etc.) are optional script inputs rather than secrets. The requested credential is proportional to the stated functionality; no unrelated credentials or wide-ranging system config paths are requested.
Persistence & Privilege
ok: always:false and default invocation settings are used. The skill does not request permanent/system-wide privileges or attempt to modify other skills' configuration. It merely provides reusable scripts and instructions.