Skill v1.0.4
ClawScan security
Zen+ Health · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 13, 2026, 9:47 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill is internally consistent. It is an instruction-only integration that uses a read-only API key to call Zen+ Health endpoints via curl/jq, and it requests only the environment variables such an integration would need.
- Guidance: The skill appears to do what it says: it uses a read-only Zen+ Health API key to fetch notifications, timeline, profile, and catalogue via curl/jq. Before installing: (1) Set ZEN_API_BASE_URL only to the official API origin (https://api.zenplus.health); any other value sends every request, along with the API key that accompanies it, to an untrusted endpoint. (2) Use a dedicated, read-only API key for this integration and revoke it if it is exposed. (3) Be aware that API responses may be logged by your OpenClaw instance (SECURITY.md mentions this). (4) If you want to prevent autonomous calls, disable model invocation for the skill in your agent settings. If you need deeper assurance, request publisher provenance or host-verified metadata (homepage or official publisher link), because the registry source here is unknown.
Review Dimensions
- Purpose & Capability
- ok · The name and description match the declared behavior: the skill reads notifications, timeline and catalogue, and asks only for ZEN_API_KEY, ZEN_API_BASE_URL and standard CLI tools (curl, jq). These requirements are proportional to a read-only wellness integration.
- Instruction Scope
- ok · SKILL.md contains explicit curl commands that call only the declared API endpoints under the configured base URL, using the provided API key. The instructions do not ask the agent to read unrelated files, credentials, or system state.
- Install Mechanism
- ok · No install spec and no code files: the skill is instruction-only. That minimizes risk because nothing is written to disk or downloaded by the skill itself.
- Credentials
- note · The skill requires only ZEN_API_KEY (the primary credential) and ZEN_API_BASE_URL, which is appropriate. Taking the base URL from an environment variable is expected for flexibility, but it means a mis-set or malicious ZEN_API_BASE_URL would redirect requests, and the key sent with them, to an attacker-controlled endpoint. Confirm that ZEN_API_BASE_URL is set to the official API (https://api.zenplus.health) and keep the API key secret.
- Persistence & Privilege
- ok · The skill's always flag is false, and it does not request persistent system privileges or modify other skills. It is user-invocable and may be called autonomously by the agent (the platform default), which is normal for skills.
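The Guidance and Credentials notes above both turn on one control: never let ZEN_API_BASE_URL point anywhere except the official origin, because the read-only key travels with every request. The script below is an added example, not part of the ClawScan report or of the Zen+ Health skill, showing how a wrapper around the skill's curl calls can enforce that before any request leaves the host. It assumes the official origin named in the report (https://api.zenplus.health); the Authorization header format and the request path in the usage comment are assumptions, since the report does not show them.

```shell
#!/bin/sh
# Added example, not code from the ClawScan report or the Zen+ Health skill.
# Two checks before a curl call uses ZEN_API_KEY: refuse any ZEN_API_BASE_URL
# other than the official API origin, and keep the key out of argv.
# The official origin is the one the report names; the Authorization header
# scheme and the demo path are assumptions.

ZEN_OFFICIAL_BASE="https://api.zenplus.health"

# check_zen_base_url URL
# Succeeds only if URL is exactly the official origin (one trailing slash is
# tolerated). Exact matching, rather than a prefix or substring test, rejects
# http://, lookalike hosts (api.zenplus.health.evil.example), userinfo tricks
# (https://api.zenplus.health@evil.example), extra ports and extra paths.
check_zen_base_url() {
    candidate=${1%/}
    case $candidate in
        "$ZEN_OFFICIAL_BASE") return 0 ;;
        *) return 1 ;;
    esac
}

# zen_get PATH
# GET ${ZEN_API_BASE_URL}PATH with the key from ZEN_API_KEY, only after the
# base URL passes check_zen_base_url. Returns 2 (with no network call) when the
# base URL is rejected and 3 when the key is missing. The header is handed to
# curl as a config file on stdin (-K -), so the key does not appear in the
# process list the way a -H argument would.
zen_get() {
    req_path=$1
    base=${ZEN_API_BASE_URL:-$ZEN_OFFICIAL_BASE}
    if ! check_zen_base_url "$base"; then
        printf 'refusing ZEN_API_BASE_URL=%s (expected %s)\n' \
            "$base" "$ZEN_OFFICIAL_BASE" >&2
        return 2
    fi
    if [ -z "${ZEN_API_KEY:-}" ]; then
        echo 'ZEN_API_KEY is not set' >&2
        return 3
    fi
    # Bearer scheme is an assumption; use whatever the Zen+ Health docs specify.
    printf 'header = "Authorization: Bearer %s"\n' "$ZEN_API_KEY" |
        curl --fail --silent --show-error -K - "${base%/}$req_path"
}

# Offline self-check on constructed URLs (no network traffic).
for u in "https://api.zenplus.health" \
         "https://api.zenplus.health/" \
         "http://api.zenplus.health" \
         "https://api.zenplus.health@evil.example" \
         "https://api.zenplus.health.evil.example" \
         "https://api.zenplus.health:8443"; do
    if check_zen_base_url "$u"; then
        echo "accept  $u"
    else
        echo "reject  $u"
    fi
done

# Real call (hypothetical path; requires ZEN_API_KEY to be set):
# ZEN_API_BASE_URL=https://api.zenplus.health zen_get /notifications | jq .
```

Note that the check is deliberately fail-closed: an uppercase host or a doubled trailing slash is rejected rather than normalized, which is the right bias for a value that decides where a credential is sent.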
