Skill v2.0.1

ClawScan security

Publora Twitter · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Mar 20, 2026, 1:00 PM
Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary
The skill's instructions clearly require a Publora API key to post/schedule tweets, but the package metadata does not declare any required credentials or a primaryEnv — this mismatch is unexplained and worth caution.
Guidance
This skill appears to do what it says (post/schedule threads via the Publora API), but the package metadata fails to declare the required Publora API key. Before installing or using it, ask the publisher to clarify how the API key is supplied (which env var or secret store), confirm the existence and provenance of the referenced 'publora' core skill, and verify the skill's source/homepage (none is provided). Only provide an API key you control and rotate it if you suspect misuse. If you need stronger assurance, prefer a skill that explicitly declares its required credential (primaryEnv) and links to a verifiable source or homepage.

Review Dimensions

Purpose & Capability
Concern: The SKILL.md shows coherent, purpose-aligned behavior (calling Publora endpoints to create posts, schedule them, and upload media). However, its examples require an 'x-publora-key' API key while the registry metadata declares no required environment variables or primary credential. The skill also references a separate 'publora' core skill for auth; that dependency is not expressed in the metadata, which is an inconsistency.
Instruction Scope
OK: The runtime instructions stay on-topic: the examples show HTTP calls to Publora endpoints and rules for threading, scheduling, and media, with no instructions to read local files, shell history, or unrelated system state. The main scope issue is that the instructions assume the agent has access to a Publora API key but do not show how that key should be supplied or protected.
Install Mechanism
OK: This is an instruction-only skill with no install spec and no code files, so there is no installer or downloaded code to evaluate; installation risk is low. The scanner had nothing to analyze.
Credentials
Concern: SKILL.md uses an API key header ('x-publora-key: sk_YOUR_KEY'), but the skill metadata lists no required env vars or primary credential. That omission is a proportionality/information problem: the skill clearly needs a secret to operate, but the registry does not declare where that secret should come from or which environment variable name should be used. This leaves secret handling unclear and increases the risk of ad-hoc secret provisioning or accidental exposure.
Persistence & Privilege
OK: The skill does not request always:true and is user-invocable only; it does not claim to modify other skills or system-wide settings. No elevated persistence or privilege is requested in the metadata.