Skill v1.0.2

ClawScan security

CMI CPaaS - WhatsApp OTP Sender · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 6, 2026, 3:24 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill does what it says (send WhatsApp OTPs via the CMI OmniChannel RCS API), requests only the tenant credentials it needs, and contains local scripts — but it intentionally disables SSL verification and clears proxy settings to work around a non‑standard endpoint, which is a notable security risk you should understand before use.
Guidance
This skill appears to do exactly what it claims, but it contains an explicit workaround that weakens network security: the Python script disables SSL certificate verification and the scripts avoid proxies to reach a server with a broken TLS configuration. Before installing or providing credentials:
1) Verify you trust the API provider (cpaas-rcs.cmidict.com) and the tenant you will use.
2) Prefer not to reuse long‑lived credentials; use short‑lived or scoped keys if possible and rotate them after testing.
3) Run the scripts in a controlled/sandboxed environment first to confirm behavior.
4) Ask the provider to fix their certificate configuration so you can re-enable standard verification and proxy traversal.
5) Ensure the agent or environment won't log or leak the AccessKeySecret or ApplicationSecret (avoid pasting secrets into public chat).
If you cannot accept disabling TLS verification or bypassing your corporate proxy, do not use this skill until the API endpoint is corrected or the scripts are adapted to your environment.

Review Dimensions

Purpose & Capability
ok: Name/description match the included Python and shell scripts and the runtime instructions. The requested inputs (AccessKeyId, AccessKeySecret, ApplicationName, ApplicationSecret, recipient, OTP) are appropriate and required for the API calls the skill performs.
Instruction Scope
concern: SKILL.md and the scripts instruct the agent to clear proxy environment variables and to disable certificate verification / use a permissive SSL context to contact https://cpaas-rcs.cmidict.com:7081. These actions are outside normal best practices and reduce transport security (MITM risk), though they are documented and appear intended to work around a server with a bad TLS configuration.
Install Mechanism
ok: No install spec or external downloads; the skill is instructions plus bundled local scripts only. No third‑party packages are fetched at install time (the Python script requires 'requests' but only checks for it at runtime).
Credentials
note: The skill requires tenant credentials (AccessKeyId/AccessKeySecret and app secret), which are proportionate to sending OTPs. It does modify proxy environment variables within the process, and the shell version uses curl --noproxy '*'; this affects only the process but may bypass corporate proxies and access controls — a security tradeoff explained in the SKILL.md.
Persistence & Privilege
ok: The skill is not always-enabled, does not request platform-level persistence, and does not modify other skills or system-wide agent settings.