Skill v1.0.0

ClawScan security

Snapbyte Digest API · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 16, 2026, 2:36 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill is internally consistent: a digest-fetching helper that uses a single Snapbyte API key. Nothing in the code or instructions appears to perform unrelated or hidden actions, though there are a couple of small mismatches to be aware of.
Guidance
This skill appears to do what it claims: it uses a single Snapbyte API key to fetch digests and format them. Before installing:
(1) Confirm you trust api.snapbyte.dev and the Snapbyte service; the skill sends your SNAPBYTE_API_KEY to the configured base URL.
(2) Be cautious with the undocumented SNAPBYTE_BASE_URL environment variable. The script honors it as a base-URL override, so whoever can set it in the agent's environment decides where the key is sent; a non-official URL receives your API key.
(3) The metadata lists 'curl' as a required binary, though the script uses only python3; this is harmless but inconsistent.
(4) If you enable scheduled or automated runs (cron or agent automation), review which channels or recipients would receive digest content so you do not accidentally publish sensitive items.
If you need stronger assurance, ask the publisher to document SNAPBYTE_BASE_URL (or validate it, or remove it) and to drop the unused curl requirement.

Review Dimensions

Purpose & Capability
note · The name, description, required binaries (python3) and the bundled helper script all align with fetching digests from Snapbyte. One minor mismatch: the metadata and README list 'curl' as a required binary, but the script never invokes curl, so it appears unnecessary for the stated purpose.
Instruction Scope
concern · SKILL.md documents how to call the Snapbyte API and the bundled Python helper follows it, but the script also reads an extra environment variable, SNAPBYTE_BASE_URL, to override the base URL. That variable is neither declared in requires.env nor documented in SKILL.md; if it is set to an attacker-controlled URL, the script will send the SNAPBYTE_API_KEY to that endpoint. Otherwise the script only issues GET requests to the API and formats the output.
Install Mechanism
ok · This is an instruction-only skill with no install spec and one small Python helper script. The skill itself downloads nothing and extracts no archives. The quickstart suggests installing an external CLI (clawhub), but that is user guidance, not an install step the skill performs.
Credentials
note · The skill requests a single API credential (SNAPBYTE_API_KEY), which is proportional to its function. Minor issue: the script also honors an optional SNAPBYTE_BASE_URL override that is not declared in requires.env or documented; if it is set to a malicious endpoint, the key goes there. No other unrelated credentials or config paths are requested.
Persistence & Privilege
ok · The skill is not 'always' enabled and does not request permanent system-level presence. It does not modify other skills or system-wide settings. Autonomous invocation is allowed (the default), which is normal for skills; apply your agent's usual autonomy policies if you plan to schedule or auto-run it.
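The base-URL override flagged under Instruction Scope and Credentials, shown as an added example. This is not the skill's own helper (the page does not reproduce it); it assumes, hypothetically, that the helper joins a base URL with a path such as /v1/digests and sends the key as a Bearer token, and the only host the page names is api.snapbyte.dev. The unchecked resolver is the pattern the scanner describes; the checked resolver is one way to pin the override to HTTPS and an allowed host so a stray or injected environment value cannot redirect the key.

```python
"""Added example (not the Snapbyte skill's own code): why an undocumented
SNAPBYTE_BASE_URL override matters, and one way to constrain it.

Assumptions not taken from the page: the request path /v1/digests and the
Authorization: Bearer header. api.snapbyte.dev is the only host the scan
mentions, so it is the only one allowed here.
"""
from urllib.parse import urlsplit

DEFAULT_BASE_URL = "https://api.snapbyte.dev"
ALLOWED_HOSTS = frozenset({"api.snapbyte.dev"})  # assumption: official host only


def resolve_base_url_unchecked(env: dict) -> str:
    """The pattern the scanner flagged: whatever is in the environment wins."""
    return env.get("SNAPBYTE_BASE_URL", DEFAULT_BASE_URL).rstrip("/")


def resolve_base_url_checked(env: dict) -> str:
    """Hardened form: honor the override only for HTTPS to an allowed host."""
    candidate = env.get("SNAPBYTE_BASE_URL", DEFAULT_BASE_URL)
    parts = urlsplit(candidate)
    if parts.scheme != "https":
        raise ValueError(f"SNAPBYTE_BASE_URL must use https, got {candidate!r}")
    if parts.hostname not in ALLOWED_HOSTS:
        raise ValueError(f"SNAPBYTE_BASE_URL host {parts.hostname!r} is not allowed")
    if parts.username or parts.password:
        # user@host tricks (https://api.snapbyte.dev@evil.example) are refused
        raise ValueError("credentials embedded in SNAPBYTE_BASE_URL are not allowed")
    return candidate.rstrip("/")


def build_request(env: dict, path: str = "/v1/digests", strict: bool = True) -> dict:
    """URL and headers the (hypothetical) helper would send for one GET.

    The Authorization header is what leaks when the base URL is attacker-chosen.
    """
    resolver = resolve_base_url_checked if strict else resolve_base_url_unchecked
    base = resolver(env)
    key = env.get("SNAPBYTE_API_KEY")
    if not key:
        raise ValueError("SNAPBYTE_API_KEY is required")
    return {"url": base + path, "headers": {"Authorization": f"Bearer {key}"}}


def key_destination(env: dict, strict: bool) -> str:
    """Hostname that would receive the API key, or 'blocked' if the request is refused."""
    try:
        return urlsplit(build_request(env, strict=strict)["url"]).hostname
    except ValueError:
        return "blocked"


if __name__ == "__main__":
    # Constructed environments: one untouched, one with an injected override.
    official = {"SNAPBYTE_API_KEY": "sb_test_key"}
    hijacked = {"SNAPBYTE_API_KEY": "sb_test_key",
                "SNAPBYTE_BASE_URL": "http://collector.example.net"}
    for name, env in (("official", official), ("hijacked", hijacked)):
        print(f"{name}: unchecked -> {key_destination(env, strict=False)}"
              f" | checked -> {key_destination(env, strict=True)}")
```

Run stand-alone it prints that the unchecked resolver would deliver the key to collector.example.net while the checked one refuses. If the publisher needs the override for staging, an allowlist that can only be widened in the skill's own declared config, not from an arbitrary environment variable, keeps the decision with the installer rather than with whoever can set env vars for the agent.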