Skill v1.0.0
ClawScan security
Ovh · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Feb 11, 2026, 9:31 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's code and instructions match its OVH management claim, but the package metadata omits the required OVH credentials and there is a risk of giving broad API permissions that allow destructive actions.
- Guidance: This skill appears to implement what it claims (it calls only OVH API endpoints), but the package metadata incorrectly omits the required OVH environment variables. Before installing: (1) Review and trust the script source (scripts/ovh-cli.py is included and readable). (2) Create a dedicated OVH consumer key with permissions as limited as possible (prefer read-only or narrowly scoped write permissions for the specific operations you need). (3) Do not supply account-wide or admin-level keys; test first with read-only commands like 'me', 'domains', 'dns <domain>' before performing creates/deletes/reboots. (4) Be cautious if allowing autonomous agent invocation: the agent could call destructive operations using the provided credentials. (5) Ask the publisher to update registry metadata to declare the required environment variables and document recommended minimal scopes — if they cannot, treat the omission as a sign of sloppy packaging and proceed only after manual review.
Review Dimensions
- Purpose & Capability (note): The Python script uses the official ovh client and calls OVH API endpoints for domains, DNS, VPS, cloud projects, dedicated servers, SSL, bills, and orders — this aligns with the skill description. However, the skill registry metadata lists no required environment variables or primary credential even though both the SKILL.md and the script require OVH API credentials.
- Instruction Scope (ok): Runtime instructions are limited to exporting OVH environment variables and running the bundled scripts/ovh-cli.py. The SKILL.md and script only interact with the OVH API and do not read unrelated files or network endpoints.
- Install Mechanism (ok): There is no install spec; this is instruction-only plus a bundled script. The script depends on the public 'ovh' Python package (the code prints an error advising 'pip install ovh'). No remote downloads or opaque installers are present.
- Credentials (concern): The script requires OVH_ENDPOINT, OVH_APP_KEY, OVH_APP_SECRET, and OVH_CONSUMER_KEY (and SKILL.md instructs creating a consumer key). Those env vars are necessary for the stated purpose, but the skill registry metadata does not declare them — an inconsistency that could lead to missing permission reviews. Also, those credentials can permit destructive actions (DNS deletes, server reboots, etc.), so tokens should be scoped narrowly; the skill does not enforce or document minimum permission scopes.
- Persistence & Privilege (ok): The skill is not always:true, does not install persistent system components, and does not modify other skills or global config. It can be invoked autonomously by agents (platform default) — combined with write-capable credentials this increases risk if misused, but autonomous invocation alone is expected behavior.
