Skill v1.0.1

ClawScan security

Near Subaccount · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Feb 10, 2026, 5:02 PM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill's stated purpose (NEAR subaccount management) matches the included files, but it omits install/usage details and does not declare required credentials or how the CLI is provided, creating several incoherencies you should verify before installing.
Guidance
Before installing or enabling this skill:
1) Inspect scripts/subaccount.js and package.json to confirm what the code does (look for file reads, network endpoints, child_process usage, or attempts to read ~/.near-credentials).
2) Confirm how the near-subaccount CLI is installed — the SKILL.md documents a command but provides no install steps.
3) Be aware this will need NEAR CLI credentials and access to the master account (private keys); do not run it on a machine that holds keys you cannot risk exposing.
4) If you plan to allow autonomous model invocation, avoid doing so until you verify the code does not exfiltrate credentials or perform unexpected network calls.
5) If anything is unclear, request that the skill author supply installation instructions, a security/privacy note about credential use, and a code audit or reproducible build steps before proceeding.

Review Dimensions

Purpose & Capability
note: Name, description, and the included scripts indicate a legitimate NEAR subaccount/distribution tool — the capability set (create/list/delete/distribute) is consistent with a NEAR CLI helper. However, the metadata declares no required environment variables or binaries even though SKILL.md explicitly requires NEAR CLI and an exported NEAR_ACCOUNT, which is an omission.
Instruction Scope
concern: SKILL.md instructs use of a near-subaccount CLI and references exporting NEAR_ACCOUNT and providing a JSON file for bulk distribution. It assumes NEAR CLI is 'installed and configured' but does not declare or explain access to the local NEAR credentials (~/.near-credentials) or other keys that must exist for the master account. The instructions therefore fail to specify what credentials or file access will be needed at runtime.
Install Mechanism
concern: No install spec is provided even though package.json and scripts/subaccount.js are present and the SKILL.md documents a command-line tool (near-subaccount). It's unclear how the CLI is installed or exposed (no brew/npm/install steps), which is an incoherence: the skill provides code but no prescribed safe installation path.
Credentials
concern: Registry metadata lists no required environment variables or primary credential, yet SKILL.md instructs setting NEAR_ACCOUNT and expects NEAR CLI credentials for a master account (sensitive keys). The skill doesn't declare access to local credential files or any tokens, so required secrets are not proportionately documented.
Persistence & Privilege
ok: No special persistence flags (always, disableModelInvocation) are set. The skill does not request permanent inclusion or elevated registry-level privileges in the metadata.