Skill v0.1.0
ClawScan security
Efka Api Integration · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Feb 21, 2026, 8:13 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's declared requirements mostly match an EFKA integration, but the runtime instructions assume an 'openclaw' CLI that is not listed as a required binary, suggest running 'sudo apt install' at setup time, and expose optional external-notification hooks (Slack). These are coherence gaps you should review before installing.
- Guidance: Before installing or enabling this skill, check the following:
  - Confirm that the 'openclaw' CLI the instructions call is actually available in your environment; the skill's manifest does not list it as a required binary. If it is not present, ask the publisher where to obtain it and why it was not declared.
  - Treat the EFKA credentials (EFKA_USERNAME, EFKA_PASSWORD) as sensitive: use a dedicated service account with the minimum permissions needed to calculate contributions and submit declarations, rotate the credentials, and test submissions in a sandbox environment first.
  - The SKILL.md suggests running package installs ('sudo apt install ...'), which requires privileged access. Install the dependencies through your normal package-management and security-review process rather than running setup commands copied from the skill text.
  - The optional integrations (SLACK_WEBHOOK_URL, calendar sync) send information outside your host. Enable them only if you trust the destination and have reviewed what data will be posted; note that a Slack webhook URL is itself a secret, since anyone holding it can post to the channel.
  - Because the skill is instruction-only (no code files), there is no code for the scanner to analyze. That reduces the observable surface but also means you must rely on manual review and testing. Ask the publisher for a link to the upstream code and binaries (a homepage is provided) and review the implementation before giving it live credentials. If you cannot verify the origin of the skill or of the 'openclaw' binary, treat the skill as untrusted and run it only in an isolated test environment.
Review Dimensions
- Purpose & Capability (ok): Name, description, data-path usage (/data/efka), and requested env vars (OPENCLAW_DATA_DIR, EFKA_USERNAME, EFKA_PASSWORD) align with an EFKA integration that calculates contributions and submits declarations.
- Instruction Scope (concern): SKILL.md contains many 'openclaw efka ...' CLI commands, but the manifest does not list the openclaw binary as a required dependency. The setup snippet suggests running 'sudo apt install jq curl' (a privileged action) without providing a formal install spec. The instructions reference optional external hooks (SLACK_WEBHOOK_URL, calendar sync) that would send data externally and should be audited. Otherwise the document limits credential use to submissions and mandates human approval for each submission (four-eyes workflow).
- Install Mechanism (note): This is an instruction-only skill (no install spec, no code files), which is lower risk. However, the README-style setup suggests installing binaries with apt at runtime, and the lack of a formal install spec or any indication of where 'openclaw' comes from is an inconsistency to resolve.
- Credentials (note): The required env vars (OPENCLAW_DATA_DIR, EFKA_USERNAME, EFKA_PASSWORD) are appropriate for the stated purpose. EFKA_PASSWORD is a sensitive secret and should belong to an account with minimal privileges. The skill metadata lists optional external hooks (SLACK_WEBHOOK_URL, GOOGLE_CALENDAR_ID) that are plausible but will cause data to leave the system if configured. The package does not declare a primary credential; the EFKA credentials would reasonably be the primary credential, and that omission should be fixed.
- Persistence & Privilege (ok): 'always' is false, the skill is user-invocable, and it does not request persistent or system-wide modifications. As an instruction-only skill, it installs no persistent components by itself.
