Skill v0.1.2
ClawScan security
Amazon Reviews Api Skill · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 17, 2026, 10:53 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's code, instructions, and required environment variable (BROWSERACT_API_KEY) are coherent with its stated purpose of calling the BrowserAct Amazon Reviews API; nothing in the bundle requests unrelated credentials or performs unexpected system access.
- Guidance
- This skill calls BrowserAct's API (api.browseract.com) and requires your BrowserAct API key. Only provide the BROWSERACT_API_KEY if you trust BrowserAct and are comfortable that review data (ASIN and request metadata) will be sent to that service. Verify BrowserAct's terms/privacy and watch for costs or rate limits. Do not share other account credentials. If you want tighter control, run the included script locally yourself (set the env var locally) so you can inspect network traffic or logs before giving the key to an automated agent.
Review Dimensions
- Purpose & Capability
- ok: Name/description claim extraction via BrowserAct; the included Python script calls api.browseract.com and requires BROWSERACT_API_KEY—this is proportionate and expected for the stated purpose.
- Instruction Scope
- ok: SKILL.md instructs the agent to run the included script with an ASIN, to check for the BROWSERACT_API_KEY, and to monitor stdout logs. It does not direct the agent to read unrelated files or exfiltrate arbitrary system data.
- Install Mechanism
- ok: No install spec (instruction-only behavior) and a single small Python script are included. No external/untrusted downloads, installers, or archive extraction steps are present.
- Credentials
- ok: Only BROWSERACT_API_KEY is required. That credential is directly used to authenticate requests to BrowserAct and is consistent with the skill's functionality; no other secrets or unrelated env vars are requested.
- Persistence & Privilege
- ok: The skill is not force-installed (always: false) and does not request persistent system-wide changes or access to other skills' configuration. Autonomous invocation is allowed (default) but not elevated beyond normal.
