Skill v1.0.6

ClawScan security

Agentearth · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 12, 2026, 7:38 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill is internally consistent: it claims to be a proxy/selector for external tools and only requests a single API key for agentearth.ai, matching its instructions. However, it will send user queries and conversation context to that external service, so treat the API key and any sensitive inputs as shared with that third party.
Guidance
This skill will send the user's natural-language queries and any injected conversation context to https://agentearth.ai using the AGENT_EARTH_API_KEY. Only install/use it if you trust that service — do not send secrets, personal data, or sensitive system information through it. Rotate the API key if you suspect misuse, review Agent Earth's privacy/security policies, and consider restricting the agent from sending sensitive context automatically (ask the user before including prior-turn context). The 'ALWAYS use this skill FIRST' recommendation in the doc may cause frequent outbound calls and privacy/cost consequences; confirm that behavior is acceptable for your environment.

Review Dimensions

Purpose & Capability
ok: Name/description state this is a tool-discovery + execution frontend for Agent Earth. The skill only requires AGENT_EARTH_API_KEY and references agentearth.ai endpoints — these requirements align with the declared purpose.
Instruction Scope
note: SKILL.md explicitly instructs the agent to build natural-language queries, inject conversation context, call /recommend and /execute on agentearth.ai, validate input_schema, and return results. That scope matches the stated purpose. Note: the doc instructs the skill be used FIRST for many intents and to inject conversational context into requests — this means user queries and resolved context will be sent to the external service, which has privacy implications.
Install Mechanism
ok: Instruction-only skill with no install spec and no code files. Nothing is written to disk and no third-party packages are pulled in by the skill itself.
Credentials
ok: Only a single environment variable (AGENT_EARTH_API_KEY) is required and declared as the primary credential. That is proportionate to a service-proxy skill that authenticates to an external API.
Persistence & Privilege
ok: 'always' is false and the skill does not request elevated system privileges or modify other skills. It is permitted to be invoked autonomously (platform default); combined with an external API key this enables runtime outbound calls, which is expected for this skill but requires trusting the remote service.