Back to skill
Skillv1.0.0
ClawScan security
Delete File · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignApr 18, 2026, 3:14 AM
- Verdict
- Benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill is internally consistent: it instructs the agent to call a single DELETE API on pdfapihub.com using an API key provided by the user and requests no unrelated system access or installs.
- Guidance
- This skill appears to do exactly one thing: call pdfapihub.com's delete API with a CLIENT-API-KEY and a file URL. Before installing/using it: (1) confirm you trust pdfapihub.com and that the API key you supply belongs to you; (2) don't paste sensitive or production keys into untrusted UIs—prefer ephemeral/test keys when first trying; (3) verify the service's docs and privacy policy if you plan to delete sensitive files (the skill assumes the service enforces ownership checks); and (4) test on a non-sensitive file to confirm behavior (e.g., that a 403 is returned when deleting files not owned by your key).
Review Dimensions
- Purpose & Capability
- okThe name/description (delete a file by URL) matches the instructions and skill.json which call a single delete endpoint on pdfapihub.com. There are no unrelated credentials, binaries, or install steps requested.
- Instruction Scope
- okSKILL.md only directs making an HTTP POST to the service's delete endpoint with the file URL and an API key in the CLIENT-API-KEY header. It does not instruct reading local files, other env vars, or contacting other endpoints.
- Install Mechanism
- okThere is no install spec and no code files to write or execute; this is instruction-only, which minimizes installation risk.
- Credentials
- noteThe skill requires an API key (declared in skill.json as header auth) but does not list any required environment variables — this is coherent: the user supplies the API key at runtime. No other secrets or unrelated credentials are requested.
- Persistence & Privilege
- okalways is false and the skill does not request persistent system-level presence or modify other skills/config. Autonomous invocation is allowed (platform default) but not combined with broad privileges.