Back to skill
Skillv1.0.0
ClawScan security
Summarize · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 12, 2026, 5:50 AM
- Verdict
- benign
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The skill is internally consistent: it calls a single external API (heybossai.com) with one declared API key and contains only curl-based runtime instructions, but you should treat the external API key as powerful and verify the service before using real secrets or sensitive files.
- Guidance
- This skill is coherent: it simply forwards requests to an external API and needs one API key. Before installing, verify the legitimacy of the endpoint (https://api.heybossai.com) and the service operator, avoid using high-privilege/reusable secrets (do not reuse AWS, GitHub, or other critical keys), prefer creating a scoped/test API key, review the service's privacy/retention policy for uploaded data (documents/audio/images), and test the skill with non-sensitive content first. If you need stronger assurance, ask the publisher for a homepage, documentation, or a link to the service's security/privacy documentation.
Review Dimensions
- Purpose & Capability
- okThe name/description promise (summarization plus access to many model types) matches the SKILL.md: all examples call https://api.heybossai.com using SKILLBOSS_API_KEY and show endpoints for chat, image, video, TTS/STT, document parsing, etc. Minor note: the description mentions a 'summarize CLI' but the SKILL.md provides curl examples rather than a specific packaged CLI binary; that is a small documentation/terminology mismatch but not a functional incoherence.
- Instruction Scope
- okRuntime instructions are curl/bash examples that use only the declared SKILLBOSS_API_KEY and standard endpoints; they do not tell the agent to read unrelated local files, other env vars, or system-wide config. Example workflows include uploading audio as base64 or downloading returned URLs — expected for the stated capabilities.
- Install Mechanism
- okThere is no install spec and no code files to write/execute; this is instruction-only (lowest install risk). All runtime examples use curl and jq, which are common CLI tools; nothing is being downloaded from untrusted URLs by the skill itself.
- Credentials
- noteThe skill requires a single API key (SKILLBOSS_API_KEY) which is appropriate for a single third‑party AI aggregator service. Caveat: that one key likely grants broad capabilities (model access, data upload) to the external service, so granting it is powerful — appropriate but deserves caution (limit scope where possible).
- Persistence & Privilege
- okalways is false and the skill does not request system-level persistence or modify other skills. The skill may be invoked autonomously by the agent (platform default), which is normal and not by itself a red flag.