Skill v1.0.0
ClawScan security
Organizze · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign (Mar 7, 2026, 1:24 AM)
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill is internally coherent — its requests and instructions match its stated purpose (Organizze API access) — but take care how and where you store the API token and how shell commands are executed so secrets aren't leaked.
- Guidance: This skill appears to do what it says: run curl calls to your Organizze account using an email and API token. Before installing, confirm you actually use Organizze and that you trust the environment where the agent will run commands. Do not paste your token into chat or model prompts. Prefer setting ORGANIZZE_EMAIL/ORGANIZZE_API_TOKEN in your OS session or a secure secrets store rather than saving them in ~/.openclaw/openclaw.json (which is persistent and may be backed up). Check whether your platform logs shell commands or transcripts — if so, avoid executing commands that would cause the token to appear in logs. If the token is ever exposed, rotate it immediately.
Review Dimensions
- Purpose & Capability: ok. The name/description describe Organizze API interaction and the skill only asks for ORGANIZZE_EMAIL, ORGANIZZE_API_TOKEN, and ORGANIZZE_USER_AGENT — exactly the values needed for HTTP Basic Auth and the User-Agent header to call the documented endpoints. No unrelated credentials, binaries, or install artifacts are requested.
- Instruction Scope: note. SKILL.md instructs the agent to execute curl commands locally against https://api.organizze.com.br/rest/v2 using environment variable expansion for credentials and explicitly warns not to include secrets in model output. This stays within the stated purpose, but it assumes local shell execution and that shell command execution/logging won't expose secrets (shell history, system logs, or platform-level transcript capture could still leak resolved values).
- Install Mechanism: ok. There is no install spec and no code files — the skill is instruction-only, so nothing is downloaded or written by an installer. This is the lowest-risk install model.
- Credentials: note. Requested env vars are proportionate to the API usage; ORGANIZZE_API_TOKEN is correctly declared as the primary credential. One caution: the SKILL.md shows storing credentials in ~/.openclaw/openclaw.json as an option — that persists secrets in a config file and may expose them to other local users or backups. Prefer ephemeral or OS-provided secret storage when possible, and avoid committing the file to backups or source control.
- Persistence & Privilege: ok. Flags are normal: always=false and user-invocable=true. The skill does not request system-wide privileges, does not modify other skills, and does not demand permanent/always-on inclusion.
