Idealista

Pass. Audited by ClawScan on May 1, 2026.

Overview

The skill appears benign: it documents Idealista API searches using expected credentials, but users should verify the external CLI source and protect the stored API secret/token.

This skill is coherent for querying Idealista. Before using it, verify the idealista-cli repository or version you install, store the API key and secret securely, and remember that property-search locations and criteria are sent to Idealista.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If you install or update idealista-cli, you are trusting code outside this skill review.

Why it was flagged

The skill relies on an external CLI hosted on GitHub (idealista-cli) that is not included in the provided artifact set and is not pinned to a specific commit or release.

Skill content

"install": [{"id": "git", "kind": "git", "label": "Install idealista-cli (git clone)", "url": "https://github.com/quifago/idealista-cli"}]

Recommendation

Install idealista-cli only from a trusted source, review the repository or release, and pin a known version where possible.

What this means

Anyone who can read the environment variables or config file could use the Idealista API credentials and consume API access or quota.

Why it was flagged

The skill requires Idealista OAuth client credentials and documents a command that can persist them locally. This is expected for the stated API integration, but it is still account/API access material.

Skill content

IDEALISTA_API_KEY = client_id; IDEALISTA_API_SECRET = client_secret ... python3 -m idealista_cli config set --api-key "<CLIENT_ID>" --api-secret "<CLIENT_SECRET>"

Recommendation

Use dedicated Idealista credentials, keep the config file private, avoid committing secrets, and rotate the key if it may have been exposed.

What this means

Search locations and property preferences may be shared with Idealista as part of normal API use.

Why it was flagged

The documented searches send location and housing-search criteria to the external Idealista API through the CLI. This is disclosed and central to the skill purpose.

Skill content

python3 -m idealista_cli search --center "39.594,-0.458" --distance 5000 --operation sale --property-type homes

Recommendation

Only run searches with locations or criteria you are comfortable sending to Idealista, and review the provider's API privacy and terms if needed.