Skill v2.0.1
ClawScan security
Publora Instagram · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 20, 2026, 1:00 PM
- Verdict: suspicious
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's instructions clearly require a Publora API key and upload of local media to external (Publora/S3) endpoints, but the registry metadata does not declare any required credentials — this mismatch is a meaningful incoherence the user should resolve before installing.
- Guidance: This skill appears to be what it says (a Publora-backed Instagram poster), but the SKILL.md clearly uses an API key (x-publora-key) while the skill metadata declares no required credential. Before installing: 1) Confirm where you'll store the Publora API key (ask the skill author to declare a required env var like PUBLORA_API_KEY or primaryEnv) and prefer a least-privilege key. 2) Verify the API base URL (https://api.publora.com) is the official endpoint you expect. 3) Understand that the skill will upload your local images/videos to S3 upload URLs returned by Publora — avoid sending sensitive media unless you trust the service. 4) Check whether the referenced 'publora' core skill is required (authentication/workspace webhook docs) and whether it's available/trusted. 5) If you need to allow autonomous invocation, be aware the agent could post on your behalf whenever invoked; consider restricting invocation or reviewing prompts that trigger it. If anything above is unclear, ask the skill author to update the metadata to declare the API key requirement and to document where tokens are stored/used.
Review Dimensions
- Purpose & Capability [ok]: The SKILL.md describes publishing/scheduling Instagram posts via the Publora API, and the provided example calls (create-post, get-upload-url, PUT to uploadUrl) match that stated purpose. It also references a separate 'publora' core skill for auth/docs — which is sensible but not included here and should be clarified.
- Instruction Scope [note]: Runtime instructions tell the agent to call Publora endpoints and to PUT media bytes to S3 upload URLs obtained from the API. This is expected for a posting/scheduling skill, but examples imply reading local image/video files (and using an API key in the x-publora-key header). The SKILL.md does not instruct the agent to read unrelated system files, but it does rely on external upload endpoints (Publora + S3).
- Install Mechanism [ok]: Instruction-only skill with no install spec or code files. No files will be written to disk by an installer — lowest install risk.
- Credentials [concern]: The documentation and examples require an API key header (x-publora-key: sk_YOUR_KEY), yet the registry metadata lists no required environment variables or primary credential. This is an inconsistency: the skill will need a secret (Publora API key) to function but does not declare it. That omission hinders safe permissioning and secret storage decisions.
- Persistence & Privilege [ok]: The skill is not marked always:true and requests no config paths; autonomous invocation is allowed (platform default). There is no evidence the skill tries to modify other skills or system-wide agent settings.
