v1.0.3

Roam HQ

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 7:02 AM.

Analysis

Roam HQ is a straightforward instruction-only API skill that transparently uses a Roam personal access token to read meeting/chat data and send Roam messages when requested.

Guidance: Before installing, make sure you are comfortable granting a Roam API token that can access meeting transcripts and chats. For posting workflows, instruct the agent to confirm the group and message content before sending.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Low | Confidence: High | Status: Note
SKILL.md
`POST /v0/chat.post` `{ "groupId": "...", "text": "..." }` → send a message

The skill documents a message-posting endpoint, which is purpose-aligned but can create visible content in Roam groups.

User impact: If invoked, the agent may post messages to Roam groups using the user's account token.
Recommendation: Ask the agent to show the target group and exact message text before posting.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Low | Confidence: High | Status: Note
SKILL.md
`ROAM_API_KEY` env var (Personal Access Token from Roam Settings → Developer). All requests: `Authorization: Bearer $ROAM_API_KEY`

The skill requires a Roam personal access token and uses it as bearer authentication for API calls, giving the agent whatever Roam account permissions that token has.

User impact: The agent can act through the user's Roam token for the documented Roam API operations.
Recommendation: Use a token with the narrowest available permissions and revoke or rotate it if the skill is no longer needed.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
Severity: Low | Confidence: High | Status: Note
SKILL.md
`GET /v0/transcript.info` → transcript details + summary; `POST /v0/transcript.prompt` ... AI analysis of a transcript; `GET /v0/chat.history`

The skill retrieves and analyzes meeting transcripts and chat history, which are likely to contain private business or personal context.

User impact: Meeting transcripts, summaries, prompts, and chat history may be brought into the agent's context during use.
Recommendation: Avoid using it on highly sensitive meetings unless you are comfortable exposing that content to the agent session and Roam's API processing.