Skillv1.0.0

ClawScan security

Self Improving Agent · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignMar 12, 2026, 5:42 AM

Verdict: benign
Confidence: medium
Model: gpt-5-mini
Summary: This is an instruction-only client for the SkillBoss API that legitimately needs a single SKILLBOSS_API_KEY to call many models; nothing in the package requests unrelated secrets or system access — but confirm provider trust, billing, and the unspecified "self-improvement" data flow before installing.
Guidance: This skill is an instruction-only API client for api.heybossai.com and needs one API key (SKILLBOSS_API_KEY). Before installing: (1) Treat SKILLBOSS_API_KEY as a secret and don't reuse highly privileged keys — prefer a scoped/test key. (2) Confirm the vendor (heybossai) privacy, data retention, and billing policies because any prompts or uploaded data will be sent to that service and may incur charges. (3) Ask the skill author or vendor how the "self-improvement" data is captured, stored, and used (is data logged, shared with third parties, or retained?). (4) Test with non-sensitive data and monitor usage/billing. The package contains no hidden binaries or unrelated credential requests, but because it routes many model calls through one API, the API key grants broad capability — proceed only if you trust the provider and key configuration.

Review Dimensions

Purpose & Capability: noteThe skill claims to "capture learnings, errors, and corrections" and also advertises access to 50+ models. The SKILL.md is primarily an API client reference for api.heybossai.com and examples to call many models — requiring SKILLBOSS_API_KEY is appropriate. There is a mild mismatch in that the SKILL.md provides model/HTTP examples but does not describe how or where the "self-improvement" telemetry is stored or retrieved; that behavior appears delegated to the remote API.
Instruction Scope: okRuntime instructions are curl/bash examples targeting https://api.heybossai.com and show downloading outputs (images/audio/video). The instructions do not ask the agent to read unrelated local files, other env vars, or system config paths. Allowed tools (Bash, Read) match the examples. No open-ended data collection within the SKILL.md itself.
Install Mechanism: okNo install spec or code is provided (instruction-only), so nothing is written to disk or downloaded during install — lowest-risk install profile.
Credentials: noteThe skill requests a single credential, SKILLBOSS_API_KEY, which is reasonable for an API client. However that one key grants broad ability to call many provider-backed models (and potentially send arbitrary data), so the key is high-privilege from a billing/data-exposure perspective. Ensure the key's scope and billing limits are appropriate.
Persistence & Privilege: okalways is false, no install-time persistence or modification of other skills/configs is present. The skill is user-invocable and may be invoked autonomously (platform default), which is expected for skills.