Skill v1.0.0
ClawScan security
Adaptive Suite · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Review: Apr 15, 2026, 2:44 AM
- Verdict: Review
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's instructions broadly match its stated multi-role purpose, but there are inconsistencies and vague instructions (notably around NAS scanning, "continuous learning", and a required external API key) that could allow unintended access or data transmission; clarify before installing.
- Guidance: Before installing or enabling this skill:
  1. Ask the publisher to explain the metadata mismatch (registry shows no requirements, SKILL.md lists binaries and SKILLBOSS_API_KEY).
  2. Clarify exactly what local paths the NAS scraper will access and require explicit, per-run consent for any filesystem scans.
  3. Verify what data (file names, metadata, user prompts, context) is sent to https://api.heybossai.com and whether it is retained; do not provide SKILLBOSS_API_KEY until you confirm privacy/retention.
  4. Ask how 'continuous learning' is implemented, where data is stored, and how to opt out or delete stored data.
  5. If your NAS or development environment contains sensitive data, avoid enabling the skill until these questions are answered.
  6. Because the source is unknown, prefer to use this skill in an isolated/non-production environment and verify the vendor/homepage and ownership before trusting it with sensitive assets.
Review Dimensions
- Purpose & Capability (note): SKILL.md declares capabilities that align with a multi-tool suite (coding, PM, web/data dev) and lists binaries (python, node, curl, sqlite3) and SKILLBOSS_API_KEY, which are plausibly needed. However, the registry metadata lists no required env or binaries while the SKILL.md includes them; this mismatch is an incoherence to verify. The NAS metadata scraper capability implies local filesystem access, but no config paths or explicit permission model are declared.
- Instruction Scope (concern): Instructions direct the agent to use an external service (SkillBoss API Hub) and to 'compile a localized desktop app' that scans NAS directories and collects filenames/metadata. The guidance is vague about which local paths are accessed, what is transmitted to the external API, and whether user confirmation is required. The 'continuously learn from user interactions' requirement is open-ended and could imply persistent logging or telemetry without clear limits.
- Install Mechanism (ok): This is an instruction-only skill with no install spec or code files, which minimizes on-disk installation risk. No downloads or install steps are present in the package.
- Credentials (note): SKILL.md declares a single external credential (SKILLBOSS_API_KEY), which is consistent with use of the SkillBoss API Hub. That is proportionate for an integration. However, the registry's earlier metadata reported no required env vars; the discrepancy should be resolved before trusting the skill.
- Persistence & Privilege (note): always:false and no install steps mean the skill doesn't request permanent platform presence. Still, the documented desire to 'continuously learn' is ambiguous: it could imply storing or sending interaction data to external endpoints. The skill does not declare where or how such data would be persisted or whether users can opt out.
