Skillv1.7.4

ClawScan security

Prismer · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

ReviewApr 1, 2026, 12:32 AM

Verdict: Review
Confidence: medium
Model: gpt-5-mini
Summary: The instructions align with a web/SDK + messaging tool, but the skill asks users to install an unverified npm package, auto-store API keys, and participate in a cross‑agent sharing feature — behaviors that are plausible for the stated purpose but require extra verification before trusting.
Guidance: This skill's commands are consistent with a web/SDK + messaging service, but exercise caution before installing or using it: - Verify the package and service: look up @prismer/sdk on npm, check the package's repository, maintainer, and release history; confirm the domain prismer.cloud and its documentation are legitimate. - Avoid global installs or run them in an isolated environment (container, VM) until you trust the package, because npm installs can run arbitrary install scripts. - Review what the CLI auto-saves and where credentials are stored; prefer manual key handling if you can't verify the storage format and encryption. - Be cautious with the 'evolution' sharing feature — it appears to send error traces, fixes, and outcomes to a shared service; audit privacy and data-sharing policies to ensure you are not uploading sensitive content. - If you need to test, register a throwaway account and use non‑sensitive data, and consider network isolation or monitoring to see what the client communicates to the remote service. If you can provide the npm package URL, repository link, or the service's privacy/security docs, I can re-evaluate and raise or lower my confidence.

Review Dimensions

Purpose & Capability: noteName/description (web fetch, OCR, parse, messaging, real-time sync) match the CLI/SDK commands in SKILL.md (load/parse/im/send/evolve). There is no obvious unrelated capability requested in the instructions, so the capabilities are internally coherent with the description.
Instruction Scope: concernThe SKILL.md tells users to install @prismer/sdk (npm -g), run a setup flow that auto-saves an API key, register agent identities, and optionally provide webhook endpoints and secrets. It also describes an 'evolution' sharing/publishing flow where agent fixes and outcomes are recorded and can be shared with other agents — this implies uploading operational data to the Prismer service. Those instructions legitimately belong to this sort of SDK, but they also involve storing/seeding credentials and sharing runtime data remotely, so they increase risk and require verification of the remote service and storage practices.
Install Mechanism: concernThere is no install spec in the registry metadata, but SKILL.md recommends running `npm install -g @prismer/sdk`. Installing a global npm package will fetch code from the npm registry and may execute maintainer scripts; the package and publisher are not verified in the metadata (no homepage, unknown source). Because this is an instruction-only skill that directs users to install external code from an unverified package, that is a notable risk.
Credentials: noteThe registry lists no required environment variables, but the CLI flow clearly requires an API key (via setup) and may involve webhook secrets or endpoints. That is proportionate to a remote SDK/service, but the skill does not declare these credentials in metadata — so users may be surprised by where keys are stored or how they are used. The 'evolution' feature implies telemetry/data sharing beyond the local agent, which should be disclosed and consented to.
Persistence & Privilege: noteThe skill does not request always:true and has no declared config paths. However, the setup flow will 'auto-save' API keys and the CLI registers identities and endpoints locally or remotely. That is normal for a CLI SDK but worth noting because it creates local persistent credentials and remote registrations.