Skill v1.0.0

ClawScan security

Tibber Energy · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 29, 2026, 10:22 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's files, instructions, and requested environment variables match its stated Tibber price/automation purpose. The main risk is that it will execute user-supplied shell commands and read local config files containing secrets, both of which the documentation already warns about.
Guidance
This skill appears to do what it claims, but take these precautions before installing or running it:
- Only provide a Tibber personal access token (TIBBER_ACCESS_TOKEN) that you are comfortable revoking if needed; don't reuse highly privileged keys.
- Keep .env local and private; the tool will read ~/.config/tibber-energy/config.json and ./.env if present.
- The control command feature will execute whatever shell command strings you pass to --on-command / --off-command. Always test with dry-run and simple harmless commands (echo) before using --execute, and only provide trusted command strings.
- Review the included tibber_energy.py source yourself (or run it in an isolated environment) if you have concerns about unexpected network calls or data handling; the script contacts only api.tibber.com in normal operation.
- If you install on a multi-user system, ensure the config file permissions restrict access to your account to avoid token leakage.
If you want more assurance, request a full diff of the Python file contents (untruncated) for a line-by-line review.
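The last precaution (keep the token-bearing files private on a shared host) is easy to check mechanically. The script below is an added example for this review, not part of the skill; it audits the two paths the guidance names (~/.config/tibber-energy/config.json and ./.env) and reports any ownership or mode bits that would let another local account read or replace them. The 0600 expectation and the symlink/parent-directory checks are this example's assumptions, not something the skill enforces.

```python
"""Audit the files the Tibber Energy skill reads for secrets.

Checks ~/.config/tibber-energy/config.json and ./.env (the paths named in
the scan guidance) for ownership and permission bits that would expose
TIBBER_ACCESS_TOKEN to other users on a shared host. The 0600 expectation
is an assumption of this example; the skill itself does not enforce it.
"""
import os
import stat
from pathlib import Path

# Paths from the scanner guidance; the skill reads both if present.
SECRET_FILES = [
    Path.home() / ".config" / "tibber-energy" / "config.json",
    Path.cwd() / ".env",
]


def audit_secret_file(path, expected_uid=None):
    """Return a list of findings for one secret-bearing file (empty = ok).

    Each finding is a short string saying why the file could leak its
    contents to, or be replaced by, another local account. A missing
    file produces no findings. expected_uid defaults to the caller's uid.
    """
    path = Path(path)
    if not path.exists():
        return []
    if expected_uid is None:
        expected_uid = os.getuid()
    findings = []
    st = path.lstat()
    if stat.S_ISLNK(st.st_mode):
        # A symlink lets whoever controls the link target choose the token.
        findings.append(f"{path}: is a symlink; follow it before trusting it")
        st = path.stat()
    if st.st_uid != expected_uid:
        findings.append(f"{path}: owned by uid {st.st_uid}, not {expected_uid}")
    mode = stat.S_IMODE(st.st_mode)
    if mode & (stat.S_IRGRP | stat.S_IROTH):
        findings.append(f"{path}: readable by group/others (mode {mode:04o})")
    if mode & (stat.S_IWGRP | stat.S_IWOTH):
        findings.append(f"{path}: writable by group/others (mode {mode:04o})")
    # A world-writable parent without the sticky bit lets others swap the
    # file out even when the file itself is 0600.
    parent_mode = stat.S_IMODE(path.parent.stat().st_mode)
    if parent_mode & stat.S_IWOTH and not parent_mode & stat.S_ISVTX:
        findings.append(f"{path.parent}: world-writable without sticky bit")
    return findings


def audit_all(paths=SECRET_FILES):
    """Audit every path in `paths` and return the combined findings."""
    findings = []
    for p in paths:
        findings.extend(audit_secret_file(p))
    return findings


if __name__ == "__main__":
    problems = audit_all()
    if problems:
        print("\n".join(problems))
        raise SystemExit(1)
    print("ok: secret files are private to your account")
```

Run it from the directory where you keep the skill's .env; a non-zero exit means at least one of the files needs `chmod 600` (or a chown) before the token is safe to store there. The check is POSIX-only, since it relies on uid and mode bits.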

Review Dimensions

Purpose & Capability
ok · Name/description (Tibber price fetching, optimization, anomaly detection, and smart-home control) align with the code and instructions. The only required credential is TIBBER_ACCESS_TOKEN (plus optional TIBBER_HOME_ID), and python3 is a reasonable requirement for the bundled Python CLI.
Instruction Scope
note · SKILL.md and the Python script focus on Tibber API queries, local config (.env and ~/.config/tibber-energy/config.json), and CLI commands. The control feature runs arbitrary shell commands supplied via --on-command/--off-command (the code imports subprocess and the docs explicitly warn about this). Executing user-supplied shell commands is expected for device control but is a real safety hazard; the docs recommend dry-run first and passing only command strings you trust.
Install Mechanism
ok · No install spec; this is a small Python CLI shipped as files (run.sh and tibber_energy.py). Nothing is downloaded or written by an installer during install, so install risk is minimal.
Credentials
ok · Only TIBBER_ACCESS_TOKEN is required (primary credential); optional TIBBER_HOME_ID and local config are documented. No unrelated credentials or unexpected environment access are requested.
Persistence & Privilege
ok · The always flag is false and the skill does not request persistent platform privileges. It reads/writes only its own recommended config path (~/.config/tibber-energy) and the local .env. It does not modify other skills or global agent settings.