Skill v1.0.1
ClawScan security
presearch · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Feb 19, 2026, 10:53 PM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's runtime instructions require an API key and call an external Presearch endpoint, but the registry metadata does not declare any required credentials or a source/homepage — those mismatches make the package internally inconsistent.
- Guidance: This skill's documentation shows it needs a Presearch API key and calls a presearch.com endpoint, but the registry entry didn't declare any required credentials or a source URL. Before installing: 1) Ask the publisher for the source/homepage and confirm the official Presearch endpoint and auth model; 2) Confirm how/where the API key should be supplied (and that the skill will not try to read unrelated secrets); 3) Prefer skills that declare required.env/primary credential so you can safely manage tokens; 4) Because this is instruction-only, it won't install code, but the metadata mismatch is a red flag — treat it as untrusted until the author provides clarifying metadata or a verified source.
Review Dimensions
- Purpose & Capability (concern): The SKILL.md documents a Presearch HTTP API (Bearer token auth to https://na-us-1.presearch.com/v1/search). The skill description matches that purpose, but the registry metadata lists no required environment variables or primary credential and provides no source/homepage. A search-integration skill would reasonably need an API key declared; its absence is an incoherence.
- Instruction Scope (note): The instructions themselves are narrowly scoped: how to call the GET /v1/search endpoint, parameters, responses, and example snippets. They do not ask the agent to read local files or other unrelated secrets. The notable issue is that the instructions assume an API key (Authorization: Bearer YOUR_API_KEY_HERE) while the skill metadata does not declare one.
- Install Mechanism (ok): This is an instruction-only skill with no install spec or code files, so nothing is written to disk or downloaded. That minimizes install-time risk.
- Credentials (concern): The runtime docs clearly require a bearer API key (the examples use api_key), but requires.env and primary credential are empty in the registry entry. This mismatch could lead to unclear handling of credentials (where should the key be provided?) and increases the risk of misconfiguration or accidental credential exposure if implementers improvise.
- Persistence & Privilege (ok): The skill is not marked always:true and uses default autonomous invocation settings. It does not request persistent system-wide privileges or modify other skills' configs according to the provided metadata.
