v1.0.2

tenk-connect

Review: ClawScan verdict for this skill. Analyzed May 1, 2026, 5:49 AM.

Analysis

The skill mostly matches its TenK purpose, but its logging script unsafely embeds chat-provided skill names into Python code, creating a local code-execution risk.

Guidance: Review this skill before installing. Its TenK account access is clearly related to its purpose, but the bundled logging script should be fixed to safely handle user-provided skill names before you rely on it.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Unexpected Code Execution
Severity: High | Confidence: High | Status: Concern
scripts/tenk.sh
local skill_query="${1:-}"
...
q = '$skill_query'.lower()

The user-provided skill name argument is inserted directly into Python source passed to `python3 -c`. A crafted value containing a quote and Python statements could break out of the string and execute code locally as the user.

User impact: A maliciously crafted logging request or untrusted text that becomes the skill name could cause the helper script to run unintended local commands.

Recommendation: Do not interpolate user-controlled values into `python3 -c` source; pass them as argv/environment values, validate minutes and skill names, and treat API-returned names as data only.

Tool Misuse and Exploitation
Severity: Low | Confidence: High | Status: Note
scripts/tenk.sh
curl -sf -X POST "$API/sessions" ... -d "$body"

The helper can create TenK practice-session records through the authenticated API. This is central to the skill’s purpose and is described in SKILL.md, but it is still an account-changing action.

User impact: The assistant can add practice sessions to your TenK account when using this skill.

Recommendation: Use it only when you want the assistant to make TenK account changes, and review confirmations for logged duration, skill, and notes.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium | Confidence: High | Status: Note
SKILL.md
User logs in with TenK credentials.
CLI polls until approved. Token saved to ~/.config/tenk-connect/token (chmod 600).

The skill obtains and stores a TenK OAuth token for later API calls. This is disclosed and purpose-aligned, but it grants the assistant access to read account details and log sessions while valid.

User impact: Anyone or anything using the assistant with this skill may be able to act on your TenK account until the token expires or is removed.

Recommendation: Install only if you trust this TenK integration, avoid sharing the token file, and run `tenk.sh logout` when you no longer want the assistant connected.