v1.0.0

Qverisai 1.0.1

Review

ClawScan verdict for this skill. Analyzed May 1, 2026, 6:04 AM.

Analysis

The skill appears to match its stated purpose, but it gives the agent broad, auto-invokable access to execute dynamic external tools through QVeris using an API key.

Guidance: Review this carefully before installing. Use it only if you want your agent to call QVeris-hosted dynamic tools. If you do, set a revocable, quota-limited API key, require confirmation before executing tools, avoid sensitive personal data, and verify the publisher/version mismatch.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium | Confidence: High | Status: Concern
SKILL.md
description: Search and execute dynamic tools via QVeris API... covers weather, search, stocks, finance... health data, and thousands more... auto_invoke: true

The skill is designed as a broad dynamic tool gateway and permits automatic invocation, but the artifacts do not define an allowlist or require explicit approval before executing discovered tools.

User impact: The agent may call external tools through the user's QVeris account in situations where the user expected only information retrieval, potentially sharing task data or incurring usage cost.
Recommendation: Install only if you intentionally want a broad external-tool gateway; require user confirmation for execute actions, use quotas, and restrict tool categories where possible.

Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: Medium | Status: Note
_meta.json
"ownerId": "kn730nze617pqzzn1z0c7dknnd809yqp", "slug": "qverisai", "version": "1.0.1"

The included metadata differs from the supplied registry metadata, which lists a different owner ID, slug, and version.

User impact: Publisher or version mismatches can make it harder to confirm that the reviewed artifact is exactly the one intended by the registry listing.
Recommendation: Verify the publisher, version, and source before providing an API key or relying on the skill in sensitive workflows.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Low | Confidence: High | Status: Note
SKILL.md
Requires QVERIS_API_KEY environment variable... credentials:\n  primary: QVERIS_API_KEY

The skill needs a QVeris API credential, which is expected for this service, but it delegates account authority to the skill's search and execute operations.

User impact: Anyone using this skill with your environment can spend or consume whatever capabilities your QVeris key allows.
Recommendation: Use a scoped, revocable QVeris key with spending and rate limits, and rotate it if you uninstall or no longer trust the skill.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
Severity: Medium | Confidence: High | Status: Note
scripts/qveris_tool.mjs
body: JSON.stringify({ query, limit }) ... body: JSON.stringify({ search_id: searchId, parameters, max_response_size: maxResponseSize })

Search queries and execution parameters are sent to the external QVeris provider; the documented use cases include potentially sensitive areas such as geolocation, finance, social media, and health data.

User impact: Prompts or parameters containing personal, health, location, or financial details may leave the local environment and be processed by QVeris or its tool ecosystem.
Recommendation: Avoid sending regulated or sensitive personal data unless you trust QVeris's handling and retention practices for that data.