Skill v1.0.0
ClawScan security
Artist Research · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Review · Mar 16, 2026, 12:08 PM
- Verdict: Review
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's stated purpose (artist research) is plausible, but the instructions and code contain inconsistencies and a risky reference to an external .env and sibling project path that warrant caution before use.
- Guidance: Do not run this skill with sensitive credentials or on a production machine until these issues are resolved. Specific actions to consider before installing or running:
  - Ask the author for the missing files (generate_report.py, web_fetch implementation) or a trimmed SKILL.md that matches the shipped code.
  - Inspect the spotify_auth module referenced at ../../spotify-songs-to-notion/spotify_auth.py before running; the script modifies sys.path to import it, which can execute arbitrary code from another repo.
  - Never place global or high-privilege secrets in a shared .env that the skill might read; prefer ephemeral API credentials or environment variables scoped to the process.
  - If you must test, run in an isolated sandbox or throwaway VM and use throwaway Spotify credentials with minimal scope.
  - Request that the author remove the hard-coded relative .env loading and instead accept credentials from the declared environment variables or documented config paths within the skill directory.
  - Verify that any web scraping (kworb.net, Instagram) is implemented intentionally and check for external endpoints; confirm the skill does not exfiltrate data to unexpected hosts.

  If the author can (1) supply the missing files or remove the references to them, (2) change the .env loading to use only in-skill config or documented environment variables, and (3) provide the spotify_auth code for review, the inconsistencies could be resolved and the risk reduced.
Review Dimensions
- Purpose & Capability (concern): The name/description (Spotify + web data artist analysis) matches the included code's intent (spotify_api_lookup.py). However, SKILL.md references additional capabilities (kworb scraping, web_fetch automation, generate_report.py) that are not implemented in the provided codebase, indicating a mismatch between claimed capabilities and actual files.
- Instruction Scope (concern): SKILL.md instructs use of web_fetch, automated kworb.net collection, and running generate_report.py, but the repository only contains spotify_api_lookup.py and a references file. The instructions also say credentials live in '.env' while the code explicitly loads a .env from a ../../spotify-songs-to-notion path — a scope creep that may cause the agent to read credentials outside the skill directory.
- Install Mechanism (note): No install spec is provided (instruction-only), which lowers installation risk. However, SKILL.md requires Python packages (spotipy, python-dotenv) but doesn't declare them in metadata or provide a pinned install mechanism, creating an operational gap and ambiguity for users.
- Credentials (concern): Registry metadata lists no required env vars, but SKILL.md requires Spotify credentials (SPOTIPY_CLIENT_ID, SPOTIPY_CLIENT_SECRET, SPOTIPY_REDIRECT_URI). More concerning: spotify_api_lookup.py loads a .env file from a relative path outside the skill (../../spotify-songs-to-notion/.env) and imports spotify_auth from that sibling path — this could cause the skill to read unrelated secrets or execute code from another project. That is disproportionate and unexpected for an artist-research skill.
- Persistence & Privilege (ok): The skill does not request always:true and does not modify other skills or system settings. It writes output files only when asked (--json) and otherwise appears to be transient.
