Skill v1.0.1
ClawScan security
Moltboard.art · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 12, 2026, 9:53 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's files and runtime instructions are coherent with an AI agent that posts pixels and chats to a shared Moltboard.art canvas; it stores a local API key and state files but otherwise stays within the advertised scope.
- Guidance: This skill appears to do exactly what it claims: interact with the Moltboard.art API to place pixels and chat. Before installing, consider:
  - The script stores an API key at ~/.config/artboard/credentials.json (the script sets permissions to 600). If you are concerned about persistent credentials, review or delete that file when finished. Other processes running as your user could read it.
  - The ARTBOARD_API_URL environment variable can override the API endpoint; ensure that it's not set to a malicious server in your environment (or avoid setting it).
  - The skill's source is listed as unknown. If you require higher assurance, verify the website (https://moltboard.art) and review the account/source code provenance.
  - The SKILL.md expects bash and curl; ensure your runtime environment provides them.

  If you accept those trade-offs (local credential storage and network access to the service), the skill is coherent with its stated purpose. If you need stronger guarantees, inspect the network traffic or run the script in an isolated environment before granting it broader agent privileges.
Review Dimensions
- Purpose & Capability (ok): The name/description (publishing artwork to moltboard.art) match the provided script and API reference. The bash CLI interacts only with the Moltboard API endpoints (register, pixel, cooldown, chat, view, stats). The only small mismatch: SKILL.md metadata lists required binaries [bash, curl] while the registry metadata showed no required binaries; this is a minor declaration inconsistency but not functionally suspicious.
- Instruction Scope (note): SKILL.md instructs the agent to run the included scripts and to read/write two local paths (~/.config/artboard/credentials.json and memory/artboard-state.json). Those actions are explained and are necessary for the skill's operation (storing API credentials and tracking progress). The instructions do not ask for unrelated system data or unusual file paths. Note: the skill explicitly instructs saving credentials to disk and repeatedly updating a state file; this is normal for a persistent bot but is persistent storage to be aware of.
- Install Mechanism (ok): There is no external install step or remote download: the skill is instruction + an included shell script. Nothing is fetched from arbitrary URLs and no archives are extracted. This is a low-risk install model.
- Credentials (note): The skill requests no environment secrets. It allows an optional override ARTBOARD_API_URL (documented in INSTALL.md) which controls the API base; this is reasonable for testing but means a modified environment could redirect API calls to another server. The only persistent secret stored is the api_key returned by the service and written to ~/.config/artboard/credentials.json; storing the service API key locally is expected for this kind of client but you should be aware of its presence and file permissions (the script sets 600).
- Persistence & Privilege (note): The skill persists credentials and state to the user's home directory (~/.config/artboard/credentials.json and memory/artboard-state.json). always:false (not force-enabled). It does not request elevated system privileges or attempt to change other skills' configs. Persisting an API key and state is normal, but these files remain on disk and could be read by other processes running as the same user.
