Skill v2.0.0

ClawScan security

Influencer Report · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Feb 26, 2026, 5:01 AM
Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary
The skill generally does what it claims (uses Memories.ai to analyze videos) but there are coherence issues and a few red flags you should understand before installing.
Guidance
This skill appears to implement influencer vetting via Memories.ai, but there are inconsistencies and a potentially risky webhook domain. Before installing:
1. Confirm the registry metadata is updated to declare the two required MEMORIES_* API keys.
2. Review and verify the webhook URL (demo.memories-ai.org); ask the publisher whether this is an official Memories.ai endpoint or just a demo.
3. Search the code for any places where a callback_url could be set to an arbitrary endpoint, and avoid passing sensitive API keys or production data to unknown callbacks.
4. Run the scripts in an isolated/test environment and with limited/test API keys first.
5. Request publisher identity/homepage or source provenance; if they can't justify the demo webhook or fix the metadata mismatch, treat the package cautiously and avoid providing production API keys.

Review Dimensions

Purpose & Capability (concern)
The skill's stated purpose (influencer vetting using Memories.ai) matches the code and SKILL.md: it scrapes profiles and calls Memories.ai V1/V2 endpoints. However, the registry metadata lists no required environment variables or credentials while both SKILL.md and the scripts require two Memories.ai API keys, an incoherence that should be resolved. Also, the code uses a webhook/polling URL on demo.memories-ai.org (different from api.memories.ai / mavi-backend.memories.ai), which is unexpected and requires justification.
Instruction Scope (concern)
Instructions tell the agent to scrape profile URLs, submit videos to Memories.ai, poll a webhook for results, and produce reports, all consistent with the declared function. But the poll_result implementation contacts a hard-coded demo.memories-ai.org webhook endpoint (not clearly documented in SKILL.md). The code also supports supplying a callback_url for the scraper, which could be used to send scraped data to arbitrary endpoints. These behaviors expand the data flow beyond just calling Memories.ai APIs and could result in data leaving the environment.
Install Mechanism (note)
There is no install spec (instruction-only install) and no packaged dependency list. The scripts use Python and the requests library; nothing is downloaded or executed on install. The lack of a declared dependency list means you must ensure the runtime environment has Python and the required packages (requests). This is not inherently malicious but is an operational omission.
Credentials (concern)
The code requires two Memories.ai keys (MEMORIES_V1_API_KEY and MEMORIES_API_KEY), which are proportional to the described functionality. However, the registry incorrectly lists no required env vars, a metadata mismatch. No other credentials are requested, but the presence of a callback_url parameter and the hard-coded demo webhook endpoint means data could be pushed to or polled from a third party, so keys and data could be exposed if the endpoints are not legitimate.
Persistence & Privilege (ok)
The skill does not request persistent or elevated privileges (always:false, user-invocable). It doesn't modify other skills or system settings. Autonomous invocation remains allowed (platform default) but is not by itself a red flag here.