AI Labs Builder
Suspicious
Audited by ClawScan on May 10, 2026.
Overview
The skill mostly matches its project-builder purpose, but it appears to include a hardcoded API key and runs unpinned external npm/npx setup code.
Review the workflow script before use, remove and rotate any hardcoded API key if real, and expect the skill to run npm/npx commands that download packages. Use it only in a clean project folder and keep AI provider credentials in environment variables or a secrets manager.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A real embedded key could be copied into generated projects, committed to repositories, billed against someone else’s account, or abused by other users.
The provided static scan reports a hardcoded API key/token literal in the workflow generator script. This is credential material that does not need to be embedded in a reusable project-builder skill.
const apiKey = [REDACTED]
Remove the hardcoded key, rotate it if it is real, use environment variables or a secrets manager instead, and declare any required provider credentials clearly.
The exact code installed can change over time, so project creation depends on the npm ecosystem and current package contents.
The skill downloads and runs current npm/npx package versions while creating projects. This is expected for a Next.js project generator, but versions are not pinned.
npx create-next-app@latest ... --yes; npm install framer-motion lucide-react clsx tailwind-merge; npx shadcn@latest init -y -d
Run the builder in a clean project directory, review generated package files, and consider pinning package versions or using lockfiles for reproducible installs.
If connected to an untrusted MCP client or given unsafe workflows, another agent could trigger workflow execution or scheduling.
The generated workflow project creates an MCP server exposing tools to execute and schedule workflows over stdio. This is aligned with the advertised MCP workflow feature, but it creates an agent/tool boundary that users must configure carefully.
name: 'execute_workflow' ... name: 'schedule_workflow' ... const transport = new StdioServerTransport()
Only connect the generated MCP server to trusted clients, review workflow definitions before enabling them, and avoid scheduling unreviewed actions.
