Skill v1.0.0

ClawScan security

Help.Center Article Management · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious (scanned Mar 2, 2026, 7:19 AM)

Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary
The skill's behavior mostly matches a Help.Center integration, but the runtime instructions require an API key and center ID (and instruct the agent to export them) even though the skill metadata declares no required environment variables — this mismatch and some scope recommendations warrant caution.
Guidance
This skill appears to be what it says (a Help.Center article manager) and uses only the Help.Center API endpoints in SKILL.md, but note two issues: (1) The runtime docs instruct the agent to ask for and export HC_API_KEY and HC_CENTER_ID, yet the skill metadata lists no required env vars — treat that as a sloppy/incomplete manifest. (2) The SKILL.md recommends creating API keys with broad scopes (including delete and publish). Before installing, confirm the skill's source (the README references a GitHub repo — verify it), only provide a key with the minimal scopes required for your use case (avoid content.delete unless you need deletion), and consider creating a scoped, revocable API key or test center account. If you need higher assurance, ask the skill author to update the manifest to declare the required env vars and to document scope recommendations and secure handling of keys.

Review Dimensions

Purpose & Capability
Rating: ok
Name, description, and SKILL.md are coherent: the instructions and example curl calls target a Help.Center API for searching, creating, updating, publishing, and deleting articles, which matches the stated purpose.
Instruction Scope
Rating: concern
The SKILL.md explicitly instructs the agent to ask the user for an API key and Center ID and to export them as HC_API_KEY and HC_CENTER_ID for the session. However, the skill registry metadata lists no required environment variables. The instructions otherwise stay within the Help.Center API domain and do not request unrelated files or endpoints.
Install Mechanism
Rating: ok
This is an instruction-only skill with no install spec and no code files, so nothing is downloaded or written to disk by the skill itself (lowest install risk).
Credentials
Rating: note
Requiring an API key and center identifier is proportionate to the described functionality. However, the metadata's failure to declare these env vars is an inconsistency. The SKILL.md also recommends wide scopes (including content.delete); users should prefer least-privilege keys (e.g., omit delete/publish if not needed).
Persistence & Privilege
Rating: ok
The skill does not request always:true, does not require system config paths, and is user-invocable with normal autonomous invocation settings. It does not request persistent system privileges.