Skill v1.0.0

ClawScan security

Alter Actions · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious
Feb 11, 2026, 8:26 AM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill's purpose (triggering Alter macOS actions via x-callback-urls) is plausible and reasonably scoped, but the runtime instructions reference a Node CLI (node index.js) and specific helper functions while no code files or install steps are present — an incoherence that could indicate an incomplete or mispackaged skill.
Guidance
This skill appears to be an instruction-only adapter for triggering Alter macOS app actions via alter:// x-callback URLs. However, the SKILL.md includes CLI examples (node index.js ...) and named helper functions but there are no code files or install steps included — the bundle looks incomplete or mispackaged. Before installing or enabling this skill:
1) Ask the publisher for the missing code (index.js or equivalent) or a clear explanation of how the agent is expected to execute the described commands.
2) Be cautious about feeding sensitive data: many actions (e.g., extract-mails, extract-names) are designed to extract personal information and would send that data to the Alter app via the URL scheme.
3) Verify you trust the Alter app and its handlers on your macOS device, since opening alter:// URLs will invoke that local app.
4) If you cannot obtain the missing implementation, treat the skill as incomplete and avoid enabling it for autonomous use.
If you want, I can draft specific questions to ask the publisher or suggest a minimal safe implementation that the skill could include.

Review Dimensions

Purpose & Capability
concern
The declared purpose—building and triggering alter:// x-callback-urls on macOS—matches the SKILL.md content and the darwin OS requirement. However, the Quick Start examples show commands like `node index.js trigger ...` and the file documents functions (triggerAction, findActions, buildCallbackUrl) while the package contains no code files. Requiring a Node CLI when no code is present is inconsistent.
Instruction Scope
note
Instructions focus on constructing and triggering x-callback URLs for the Alter macOS app, which is within the stated purpose. They do not instruct reading arbitrary system files or requesting unrelated credentials. Note: several actions (e.g., extract-mails, extract-names/extract-any) are capable of extracting personal data from supplied inputs; while that's part of the app's advertised functionality, users should expect sensitive input may be forwarded to the app when invoked.
Install Mechanism
ok
There is no install specification and no code files, so nothing is written to disk by an installer — this is the lowest-risk install posture. The absence of an install spec also contributes to the incoherence with CLI usage examples.
Credentials
ok
The skill declares no environment variables, no credentials, and no config paths. That is proportionate for a skill that builds/opens x-callback URLs to drive a local macOS app.
Persistence & Privilege
ok
always:false and normal autonomous invocation are used. The skill does not request elevated platform persistence or to modify other skills or system-wide settings.