Skill v2.0.2
ClawScan security
Qordinate - Durable lists, facts, and reminders for OpenClaw agents. · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 5, 2026, 6:54 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill is internally consistent: it simply instructs the agent to call Qordinate's MCP endpoint and only requests curl and a Qordinate API key. However, that API key grants broad access to the user's Qordinate account, so treat it as sensitive.
- Guidance: This skill appears to do what it says: it uses your Qordinate account via a bearer API key and HTTP calls. Before installing: (1) verify you trust Qordinate (https://api.qordinate.ai and https://app.qordinate.ai) and understand what data (documents, contacts, connected apps) the service will see; (2) supply an API key with the minimal lifetime/scope possible (prefer a short expiry); (3) review and, if needed, disconnect third-party apps inside Qordinate that you don't want accessible; (4) know that anyone with the qk_ key can access your Qordinate data, so rotate/revoke keys if compromised; (5) ensure curl is available in your environment. If you are uncomfortable granting broad account access, do not provide a long-lived key, or avoid installing the skill.
Review Dimensions
- Purpose & Capability (ok): The name/description (durable lists, documents, reminders, etc.) align with the declared requirements: a single QORDINATE_API_KEY and an HTTP client (curl) to talk to the MCP server. No unrelated credentials or binaries are requested.
- Instruction Scope (ok): SKILL.md contains explicit MCP usage, the query_agent schema, and example queries. It does not instruct the agent to read unrelated system files, other env vars, or post data to unexpected endpoints. It does instruct the user to hand the Qordinate API key to the agent (expected for this integration).
- Install Mechanism (ok): No install spec or code is provided (instruction-only), so nothing is written to disk. Requiring curl is reasonable for making the described HTTP calls. This is the lowest-risk install profile.
- Credentials (note): Only QORDINATE_API_KEY is required and it is declared as the primary credential — that is proportionate. Important caveat: the API key (qk_...) grants access to documents, contacts, connected apps, automations, and web-search features described in the doc. Treat the key as highly sensitive; prefer a short expiry and a least-privilege key if available.
- Persistence & Privilege (ok): always:false and default model invocation are used (normal). The skill does not request persistent system-level changes, modify other skills, or ask for config paths. Autonomous invocation is allowed by platform default; that increases blast radius only insofar as the agent is permitted to use the key.
