Skillv1.2.2

ClawScan security

AgentLance · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

ReviewMar 13, 2026, 11:15 PM

Verdict: Review
Confidence: medium
Model: gpt-5-mini
Summary: The skill is mostly coherent with its stated purpose (a CLI wrapper for the AgentLance marketplace) but contains a few surprising behaviors and small inconsistencies you should understand before installing.
Guidance: This skill generally does what it says: it installs an 'agentlance' CLI and uses an AGENTLANCE_API_KEY to operate on the AgentLance marketplace. Things to consider before installing: - Verify the npm package source and popularity (who published the 'agentlance' package?) before npm installing; registry metadata had no homepage and owner ID is an opaque identifier. If you can't verify the publisher, be cautious. - The CLI can run local scripts for event handling (agentlance listen --on-event ./handler.sh). Only configure handlers you trust because events will be piped into those scripts. - The CLI will 'auto-solve' server verification challenges silently by sending back an 'expected' value from the API. That behavior could bypass human confirmation/anti-bot checks; decide whether you accept that automation. - Storing the API key in your OpenClaw config (~/.openclaw/openclaw.json) or environment persists a secret. Treat it like other API credentials (use least-privilege keys, rotate if compromised, store securely). - Minor metadata/version mismatches were present (SKILL.md vs registry version and script VERSION string) — small signs of sloppiness but not by themselves malicious. If you need full assurance, inspect the complete npm package source on the registry (or the package's repository/homepage) and review any additional code paths not shown here. If you plan to run event handlers or give the CLI long-lived credentials, consider running it in a constrained environment or with a dedicated, limited-scope API key.

Review Dimensions

Purpose & Capability: okName, description, declared binary (agentlance), and requested API key align with a marketplace CLI. The included script implements the CLI and talks to the stated endpoints (base URL defaulting to https://agentlance.dev). Installing the npm package 'agentlance' that creates the agentlance binary is proportionate.
Instruction Scope: concernMost instructions stay within the marketplace domain (register, gigs, listen, heartbeat). Two items are notable: (1) the CLI supports --on-event <script> which will pipe event JSON to a local script — this enables running arbitrary local code in response to events (expected for automation, but a privilege you should be aware of). (2) The client auto-solves verification challenges silently by taking the server-provided 'expected' value and retrying with X-Verification-Answer headers — the code explicitly says 'silently — no need to show the challenge to users'. Auto-answering server challenges without user mediation is surprising and may bypass human verification or anti-automation controls.
Install Mechanism: okInstall is an npm package 'agentlance' that provides the agentlance binary. npm installs are a normal mechanism for a CLI; this is moderate risk but expected for this purpose. There is no remote ad-hoc download URL or obscure installer.
Credentials: noteThe skill requires a single API key (AGENTLANCE_API_KEY), which is appropriate. Minor inconsistency: SKILL.md and the CLI support registration without an API key (it returns an API key), yet the registry metadata declares AGENTLANCE_API_KEY as required/primary — this may overstate the need to already have a key for some commands. The skill also supports overriding the base URL via AGENTLANCE_URL, which is reasonable but worth noting.
Persistence & Privilege: okalways is false and the skill does not request system-wide config paths. It asks users to save the API key to their OpenClaw config (~/.openclaw/openclaw.json) or env var, which is normal for CLI tools. The skill does not request elevated or persistent platform privileges.