Skill v2.0.2
ClawScan security
Dex · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 26, 2026, 3:18 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's requirements, installation, and runtime instructions are consistent with a Dex CLI/MCP integration for a personal CRM; nothing requested is disproportionate to the stated purpose, though there are a few user-facing actions (auto-configuring MCP, installing a global npm CLI, storing an API key) you should review before proceeding.
- Guidance: This skill appears to do exactly what it says: control the Dex personal CRM via its CLI or MCP endpoints. Before installing or running any suggested commands, consider: 1) Review what `npx -y add-mcp https://mcp.getdex.com/mcp` will change: run it without `-y` first so you can confirm each action, or inspect the add-mcp tool itself. 2) Installing a global npm CLI (`npm install -g @getdex/cli`) places a binary on your PATH and may run the package's install lifecycle scripts; review the package on npmjs.com (or its source repository) first, or install it locally rather than globally. 3) Storing API keys: the instructions save keys to ~/.dex/api-key (chmod 600) or recommend DEX_API_KEY for CI; do this only on trusted machines and avoid pasting secrets into shared or ephemeral environments. 4) If you need stronger assurance, inspect the @getdex/cli package source (or its GitHub repo) before installing and verify that the MCP endpoint (mcp.getdex.com) is the legitimate one for your account. Overall the skill is coherent for its stated CRM purpose, but exercise normal caution around auto-configuration and secret storage.
- Findings
[no-findings] expected: The regex scanner had no files to analyze because this is an instruction-only skill (no code files). Absence of findings does not imply safety; review the SKILL.md instructions as done above.
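The guidance above leaves three checks to the user: whether the npm package runs install-time scripts, whether the MCP URL really points at a Dex host, and whether the stored API key is readable by anyone else. The following POSIX shell helpers carry out those checks. They are an added example written for this page, not part of the ClawScan report or of @getdex/cli; the package.json is a constructed sample, and the function names, the temporary directory, and the key value are assumptions.

```shell
#!/bin/sh
# Added example (not part of the ClawScan report or of @getdex/cli): helpers for
# the manual pre-install checks the guidance asks for.
# Assumes POSIX sh with ls, sed, grep, mkdir, mktemp. The package.json written by
# write_sample_package_json is a constructed sample, not the real @getdex/cli manifest.

# 1. Which npm lifecycle scripts would run automatically during `npm install -g`?
#    Prints them and returns 1 if any exist, 0 if installing runs no package code.
#    Line-based: expects pretty-printed JSON such as `npm pack` ships; use jq for a
#    strict parse when it is available.
lifecycle_scripts() {
  found=$(sed -n '/"scripts"[[:space:]]*:[[:space:]]*{/,/}/p' "$1" \
    | grep -E '^[[:space:]]*"(preinstall|install|postinstall|prepare)"[[:space:]]*:' \
    | sed 's/^[[:space:]]*//; s/,[[:space:]]*$//')
  if [ -n "$found" ]; then
    printf '%s\n' "$found"
    return 1
  fi
  return 0
}

# 2. Is the MCP endpoint on a Dex-owned host? Accepts only https:// URLs whose host
#    is getdex.com or a subdomain of it. URLs carrying userinfo ("x@host") are
#    rejected outright, and look-alikes such as mcp.getdex.com.evil.example or
#    evilgetdex.com do not match the suffix test.
mcp_url_trusted() {
  url=$(printf '%s' "$1" | tr 'A-Z' 'a-z')
  case "$url" in
    *@*) return 1 ;;
  esac
  host=$(printf '%s' "$url" | sed -n 's|^https://\([^/:?@]*\).*|\1|p')
  [ -n "$host" ] || return 1
  case "$host" in
    getdex.com|*.getdex.com) return 0 ;;
  esac
  return 1
}

# 3. Store an API key so it is never world-readable, even briefly: the directory and
#    file are created under umask 077 (0700 / 0600 from the first write). If a file
#    already exists with loose permissions, it is truncated and tightened before the
#    new key is written, so the old mode never exposes the new secret.
store_api_key() {
  dir="$1" key="$2"
  (
    umask 077
    mkdir -p "$dir" &&
    : > "$dir/api-key" &&
    chmod 600 "$dir/api-key" &&
    printf '%s\n' "$key" > "$dir/api-key"
  )
}

# Returns 0 only if the file exists and its mode is exactly rw------- (0600).
# ls -ld is used instead of stat because stat's flags differ between GNU and BSD.
key_file_private() {
  [ -f "$1" ] || return 1
  [ "$(ls -ld "$1" | cut -c1-10)" = "-rw-------" ]
}

# Constructed sample manifest with one lifecycle hook, used by the demo below.
write_sample_package_json() {
  cat > "$1" <<'EOF'
{
  "name": "example-cli",
  "version": "0.0.1",
  "bin": { "example": "bin/example.js" },
  "scripts": {
    "build": "tsc",
    "postinstall": "node scripts/setup.js",
    "test": "vitest"
  }
}
EOF
}

# Demo against the constructed sample. In real use, run `npm pack @getdex/cli`,
# extract the tarball, and point lifecycle_scripts at package/package.json.
demo() {
  tmp=$(mktemp -d) || return 1
  write_sample_package_json "$tmp/package.json"
  if lifecycle_scripts "$tmp/package.json"; then
    echo "no install-time scripts"
  else
    echo "review the scripts above before installing"
  fi
  for u in 'https://mcp.getdex.com/mcp' 'https://mcp.getdex.com.evil.example/mcp'; do
    if mcp_url_trusted "$u"; then echo "trusted:   $u"; else echo "untrusted: $u"; fi
  done
  store_api_key "$tmp/.dex" "dex_example_key_not_real"
  key_file_private "$tmp/.dex/api-key" && echo "api-key is 0600"
  rm -rf "$tmp"
}

demo
```

`npm pack @getdex/cli` downloads the tarball without installing it, which is the safe way to obtain the package.json for `lifecycle_scripts`. `npm install -g --ignore-scripts` would suppress the hooks, but a CLI whose build depends on one will then be broken, so read the script rather than silently skipping it. The URL check deliberately refuses anything it cannot parse as a plain https host: a conservative false reject is cheaper than configuring an AI client to talk to an attacker-controlled MCP server.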
Review Dimensions
- Purpose & Capability
- ok: The skill is a Dex personal-CRM integrator. It requires a 'dex' binary and declares an npm package (@getdex/cli) that provides that binary; this matches the stated functionality (search/create/update contacts, notes, reminders, tags/groups). Required binaries, install spec, and referenced endpoints (getdex.com / mcp.getdex.com) are coherent with the described purpose.
- Instruction Scope
- note: The SKILL.md stays within CRM operations (CLI and MCP usage, device-code or API-key auth, and CRUD flows). Two things to note: (1) it recommends running `npx -y add-mcp https://mcp.getdex.com/mcp`, which auto-configures MCP servers for supported AI clients (the `-y` makes this non-interactive and could modify local client configs), and (2) it instructs saving API keys to ~/.dex/api-key or using DEX_API_KEY for automation; both are expected, but they involve storing credentials locally. No instructions ask the agent to read unrelated system files or transmit data to endpoints beyond Dex domains.
- Install Mechanism
- ok: Install spec is an npm package (@getdex/cli) that creates a 'dex' binary. This is a common, expected mechanism for a CLI tool; risk level is moderate (public npm package) but proportionate to the described CLI-based integration. There are no opaque URLs, archive-extract steps, or personal servers used for installation.
- Credentials
- ok: The skill does not declare required environment variables or unrelated credentials. It documents optional auth flows (API key stored at ~/.dex/api-key or DEX_API_KEY for CI) that are appropriate for a CRM CLI. No extraneous credentials or config paths are requested.
- Persistence & Privilege
- ok: The skill is not marked 'always: true' and is user-invocable. It does contain instructions to add an MCP server, which can change client configuration (potentially system- or user-wide for supported AI clients). This is not the skill forcibly persisting itself, but it is an operation that modifies environment configuration and should be reviewed before running.
