Skill v1.5.0
ClawScan security
Olk · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 15, 2026, 5:01 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill is internally consistent: it wraps a named CLI (olk) for Microsoft Graph operations, requests no unrelated credentials, and its instructions stay on‑task; the main operational risk is installing a third‑party Homebrew formula and giving that CLI access to your Microsoft account(s).
- Guidance: This skill appears coherent, but before installing:
  1) Review the Homebrew tap and the olk GitHub repo (https://github.com/rlrghb/olkcli) and inspect the formula/binary source or releases to ensure you trust the author.
  2) During 'olk auth login' check the OAuth scopes requested — prefer least privilege and consider using a client/app you control for enterprise logins.
  3) Know that the CLI will store OAuth tokens locally and can download attachments to disk; use 'olk auth list' and 'olk auth clean --force' to manage tokens.
  4) If you have sensitive corporate accounts, consult your org's admin before using third‑party CLIs.
  5) If you want lower risk, avoid installing third‑party Homebrew taps or run the binary in a sandboxed environment first.
Review Dimensions
- Purpose & Capability (ok): Name/description (Outlook/OneDrive via Microsoft Graph) match the runtime instructions, which are purely CLI commands for mail/calendar/contacts/tasks/files. The only declared requirement is the 'olk' binary, which is appropriate.
- Instruction Scope (ok): SKILL.md tells the agent to run the olk CLI commands (auth flows, list/send mail, download attachments, manage calendar, etc.). Commands reference saving/downloading attachments and storing tokens via the CLI, which is expected for this functionality. The instructions do not ask the agent to read unrelated system files or unrelated environment variables.
- Install Mechanism (note): Install is a Homebrew formula from the tap 'rlrghb/tap/olk'. Homebrew taps are a normal install mechanism, but third‑party taps are higher risk than official repos because the formula/binary originates from the tap owner and should be audited before installing.
- Credentials (ok): No environment variables or external credentials are declared by the skill. Auth is handled interactively by the olk CLI (device code or enterprise flows). That is proportionate to the described purpose, though it means the CLI will obtain and store OAuth tokens for Microsoft accounts.
- Persistence & Privilege (ok): Skill is not always-present and does not request elevated platform privileges. The CLI will store tokens and may write downloaded attachments to disk (expected behavior). The skill does not declare changes to other skills or system-wide config.
