Skill v0.1.0

ClawScan security

Tiktok Ugc Creator · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Feb 16, 2026, 6:23 AM
Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary
The skill's purpose (hiring TikTok UGC creators via the PingHuman API) is plausible, but the runtime instructions expect an API bearer token and push data to an external service while the skill manifest does not declare any required credentials or env vars — an inconsistency you should resolve before installing.
Guidance
This skill appears to be what it says (a connector to PingHuman's creator marketplace) but it has a key omission: the runtime examples use a Bearer token, yet the manifest doesn't declare any required credential or explain how to provide one. Before installing, ask the publisher: (1) confirm the exact credential name and required scope (provide a scoped API key); (2) explain where/how the agent should store the API key (env var vs agent secret store) and recommend least privilege; (3) review PingHuman's privacy/terms so you know what data will be sent when you create tasks (campaign descriptions often include product details and target demographics); (4) verify billing/payment and dispute practices for creator compensation; and (5) consider running the skill in a limited/test account first and avoid including any other secrets in campaign payloads. If the publisher cannot justify why credentials are omitted from the manifest or provide safe storage guidance, treat the skill with caution.

Review Dimensions

Purpose & Capability
note: The skill's name, description, and SKILL.md all describe interacting with the PingHuman API to browse creators and post campaign tasks — that aligns. However, the SKILL.md examples use an Authorization: Bearer <token> header but the manifest declares no required environment variables or primary credential. The skill likely needs an API key but does not declare it, which is an inconsistency.
Instruction Scope
ok: The instructions are focused on browsing creators and posting tasks to pinghuman.ai via HTTP (curl examples). They do not instruct reading unrelated local files or broad system state. They do instruct adding the skill URL to ~/.agent/skills.txt (agent config), which is typical for skill registration.
Install Mechanism
ok: This is an instruction-only skill with no install spec or code to download — the lowest-risk install mechanism. Nothing is written to disk by an installer beyond the user-chosen agent config step described in the README.
Credentials
concern: The SKILL.md shows use of a Bearer token (ph_sk_abc123...) but the manifest lists no required env vars or primary credential. That mismatch is concerning: the skill will need API credentials to function, yet it doesn't declare or explain how credentials should be provided, scoped, or stored. The skill could cause the agent to send campaign data (including demographic/target info) to an external endpoint; users should ensure only a scoped API key is used and avoid embedding other sensitive credentials.
Persistence & Privilege
ok: The skill is not always-enabled and does not request elevated platform privileges. It recommends adding a line to ~/.agent/skills.txt, which is normal for registering an instruction-only skill. It does not attempt to modify other skills or system-wide settings.