Skill v0.1.0

ClawScan security

Codeberg · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 11, 2026, 9:28 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill is internally consistent: its name, instructions, and install options all describe using the 'tea' CLI to talk to Codeberg. There are only minor documentation gaps, namely an example that uses an undeclared 'jq' binary and no guidance on token scopes.
Guidance
This skill is coherent for interacting with Codeberg using the tea CLI, but review a few small items before installing. 1) The examples pipe output through 'jq', yet jq is not declared as a required binary; install jq if you plan to use those examples. 2) The skill shows how to add a Codeberg token with 'tea login add'. Provide only a token you trust, scope it to the minimum permissions the task needs (for example read-only rather than admin), and do not paste tokens into chat logs. 3) Installing via Homebrew or building the Go module produces a local binary; verify you trust those package sources (check the Homebrew formula and the Go module repository) before installing. 4) Some commands (e.g., 'actions secrets list') require elevated repository permissions and may reveal metadata about secrets (their names, not their values); run them only if you have appropriate repository access. For more assurance, ask the publisher for a homepage or source URL, or inspect the brew/go package contents before installing.
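The four guidance items above amount to a preflight routine: confirm the undeclared jq dependency is present, keep the token out of transcripts and in a file only the owner can read, look at the package sources, and only then register the login. The script below is an added example for this review page, not code from the skill or from ClawHub. It assumes (the page does not say) that the token lives in a file such as ~/.config/codeberg/token with mode 600 and that the instance URL is https://codeberg.org; the 'tea login add --url/--token/--name' flags, 'brew info tea' and 'go list -m -versions' are the real commands of those tools.

```shell
#!/usr/bin/env bash
# Preflight for the Codeberg/tea skill. Added example for this review page, not
# code from the skill or from ClawHub. Assumed (not stated on the page): the
# token is kept in a file readable only by its owner, and the instance URL is
# https://codeberg.org.

# Print, space-separated, the given binaries that are not on PATH.
# Call with "tea jq": the skill's examples pipe into jq, but jq is not declared.
missing_binaries() {
  local missing="" bin
  for bin in "$@"; do
    if ! command -v "$bin" >/dev/null 2>&1; then
      missing="${missing:+$missing }$bin"
    fi
  done
  printf '%s\n' "$missing"
}

# Return 0 if the token file exists and has no group/other permission bits,
# 1 otherwise. The token itself is never read or printed here.
token_file_ok() {
  local f="$1" mode
  [ -f "$f" ] || return 1
  mode=$(stat -c '%a' "$f" 2>/dev/null || stat -f '%Lp' "$f" 2>/dev/null) || return 1
  # The last two octal digits are the group and other bits; both must be zero.
  [ "${mode#"${mode%??}"}" = "00" ]
}

# Show what the two declared install sources actually are before trusting them:
# the Homebrew formula and the upstream Go module. Both commands use the network.
inspect_sources() {
  command -v brew >/dev/null 2>&1 && brew info tea
  command -v go >/dev/null 2>&1 && go list -m -versions code.gitea.io/tea
}

# Register the token with tea only once the binaries and the token file check
# out. The token is read from the file and handed straight to tea, so it never
# appears in a chat transcript or in shell history. (It is briefly visible in
# the process list on a shared host; prefer the interactive 'tea login add'
# prompt there.) Scope the token to the minimum Codeberg permissions needed.
register_login() {
  local token_file="$1" url="${2:-https://codeberg.org}" name="${3:-codeberg}" missing
  missing=$(missing_binaries tea jq)
  if [ -n "$missing" ]; then
    echo "missing required binaries: $missing" >&2
    return 1
  fi
  if ! token_file_ok "$token_file"; then
    echo "refusing: $token_file is missing or readable by others (want mode 600)" >&2
    return 1
  fi
  tea login add --name "$name" --url "$url" --token "$(cat "$token_file")"
}

# Usage (left commented so the file can be sourced for its functions):
# inspect_sources
# register_login "$HOME/.config/codeberg/token"
```

Run 'inspect_sources' first and read the formula and module information, then 'register_login' with the token file path; a readable-by-others token file or a missing jq aborts before anything is sent to Codeberg.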

Review Dimensions

Purpose & Capability
ok: The skill advertises interacting with Codeberg via the 'tea' CLI, and the SKILL.md only instructs using 'tea' subcommands (issues, PRs, actions, api). The declared install options (brew formula and Go module for 'tea') are appropriate for providing the required binary.
Instruction Scope
note: Instructions stay within the stated purpose (running tea commands). Minor issues: the examples use 'jq' for filtering, but 'jq' is not listed as a required binary; the SKILL.md shows how to add a login token but does not document the necessary token scopes/permissions or warn about handling tokens securely.
Install Mechanism
ok: Install options are standard package sources: the Homebrew formula 'tea' and the upstream Go module 'code.gitea.io/tea@latest'. Neither is a URL download-and-extract from an untrusted host. Building with the Go toolchain compiles a local binary, which is expected for a CLI.
Credentials
ok: The skill requests no environment variables or config paths. It instructs the user to provide a Codeberg token via 'tea login add', which is appropriate and proportional to the skill's purpose (no unrelated credentials are requested).
Persistence & Privilege
ok: 'always' is false and model invocation is allowed (the default). The skill does not request persistent system-wide changes or access to other skills' configs in its instructions.