Skill v1.0.3

ClawScan security

Summarizer (x64 infrastructure) · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Feb 18, 2026, 12:40 AM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill appears to be a legitimate CLI summarizer and its install methods are reasonable, but there are metadata inconsistencies and the runtime instructions reference multiple provider keys and a user config file (possible local-file reading / data sent to third-party LLMs) that are not declared in the required-env list — these mismatches warrant caution.
Guidance
This skill looks like a real summarizer CLI, but check a few things before installing:
1. Verify the package/tap actually belongs to the GitHub project shown (inspect the npm package and the brew tap contents), because the registry metadata (owner ID/slug) and _meta.json names disagree.
2. Be aware that summarizing local files will read file contents and send them to whichever LLM provider or fallback service you configure; do not summarize sensitive files unless you trust the target provider and have reviewed the CLI code.
3. The SKILL.md mentions many environment variables (provider API keys, FIRECRAWL, APIFY) that are optional but powerful; only set them if necessary, and in scoped accounts/keys.
4. If you want lower risk, inspect the npm package contents locally (or vendor the binary) before installing, or limit the skill to summarizing non-sensitive URLs only.

Review Dimensions

Purpose & Capability
note
The declared purpose (summarize URLs and local files using the 'summarize' CLI) matches the required binary and install methods (npm/brew). However, there are inconsistencies in metadata: the top-level registry Owner ID and slug ('summarizerx64') differ from the _meta.json ownerId and slug ('summarizerx86'), which could indicate packaging/copy-paste errors or provenance issues that deserve verification.
Instruction Scope
ok
SKILL.md instructs the agent to run the summarize CLI on URLs, local files and YouTube links; this is within scope. It also references an optional config file (~/.summarize/config.json) and optional fallbacks (Firecrawl / Apify), which explain some extra environment variables and external calls. The instructions do not ask the agent to read unrelated system files or secrets beyond those needed for summarization.
Install Mechanism
ok
Installers are npm (@speechybubble/summarize) and a brew formula (speechybubble/tap/summarize). Both are standard package distribution mechanisms and do not pull from arbitrary URLs or extract unknown archives; this is proportionate for a CLI tool.
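The guidance above recommends inspecting the npm package locally and confirming it belongs to the GitHub project shown before installing. The following is an added example of that check, not ClawHub's or the summarize project's code. It assumes the tarball was fetched first with `npm pack @speechybubble/summarize` (which downloads without running install scripts); the manifest embedded below is a constructed stand-in with a hypothetical package name, not the real package's contents.

```python
"""Offline inspection of an npm package tarball before `npm install`.

Added example (not ClawHub's scanner or the summarize project's code).
Assumes the .tgz was obtained with `npm pack <package>`; the sample
manifest here is constructed for illustration.
"""
import io
import json
import tarfile

# Lifecycle hooks npm runs automatically during install; any of these in a
# package deserves a read before the package is installed.
LIFECYCLE_SCRIPTS = {"preinstall", "install", "postinstall", "prepare"}


def build_sample_tarball() -> bytes:
    """Construct an in-memory tarball in npm layout (all files under 'package/')."""
    manifest = {
        "name": "@example/summarize",  # hypothetical name, not the real package
        "version": "1.0.3",
        "repository": {"type": "git", "url": "git+https://github.com/example/summarize.git"},
        "bin": {"summarize": "dist/cli.js"},
        "scripts": {"build": "tsc", "postinstall": "node scripts/telemetry.js"},
    }
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name, data in (
            ("package/package.json", json.dumps(manifest).encode()),
            ("package/dist/cli.js", b"#!/usr/bin/env node\n"),
            ("package/scripts/telemetry.js", b"// constructed placeholder\n"),
        ):
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()


def inspect_tarball(tgz: bytes, expected_repo: str) -> dict:
    """Report repository match, lifecycle scripts, bin entries and odd paths."""
    with tarfile.open(fileobj=io.BytesIO(tgz), mode="r:gz") as tar:
        names = tar.getnames()
        # Entries outside package/ or containing '..' would escape the
        # install directory on extraction; flag them rather than trusting them.
        suspicious = [n for n in names if not n.startswith("package/") or ".." in n.split("/")]
        manifest = json.load(tar.extractfile("package/package.json"))
    repo = manifest.get("repository")
    repo_url = repo.get("url", "") if isinstance(repo, dict) else (repo or "")
    # Normalise git+https://host/x.git to https://host/x before comparing.
    normalised = repo_url.removeprefix("git+").removesuffix(".git")
    return {
        "name": manifest.get("name"),
        "repository": normalised,
        "repo_matches": normalised == expected_repo,
        "lifecycle_scripts": {k: v for k, v in manifest.get("scripts", {}).items()
                              if k in LIFECYCLE_SCRIPTS},
        "bin": manifest.get("bin", {}),
        "suspicious_paths": suspicious,
        "file_count": len(names),
    }


if __name__ == "__main__":
    report = inspect_tarball(build_sample_tarball(), "https://github.com/example/summarize")
    for key, value in report.items():
        print(f"{key}: {value}")
```

A non-empty `lifecycle_scripts` entry is the thing to read first: a `postinstall` hook runs with your user's privileges the moment `npm install` finishes, before the skill is ever invoked. For the real package, compare `repository` against the GitHub URL shown on the skill page and confirm the `bin` entry is the `summarize` binary the skill declares.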
Credentials
concern
SKILL.md references multiple provider API keys (OPENAI_API_KEY, ANTHROPIC_API_KEY, XAI_API_KEY, GEMINI_API_KEY) and optional FIRECRAWL_API_KEY / APIFY_API_TOKEN, but the skill metadata lists no required env vars. The instructions therefore access environment variables not declared in requires.env. Also, summarizing local files implies sending file contents to third-party LLM providers or fallback services: a legitimate capability, but a privacy/exfiltration risk that should be acknowledged before installing.
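Two of the findings above, the registry/_meta.json disagreement under Purpose & Capability and the undeclared environment variables under Credentials, are mechanical checks that can be run against any skill bundle before installing. The block below is an added example of those checks, not ClawHub's scanner code. The registry entry, _meta.json and SKILL.md excerpt are constructed stand-ins that mirror the mismatches this scan reports; the field names `ownerId`, `slug` and `requires.env` follow the page, and the owner ID values are invented placeholders.

```python
"""Cross-check a skill's declared metadata against what its SKILL.md uses.

Added example, not ClawHub's scanner. The inputs below are constructed to
mirror the scan's findings; owner ID values are placeholders.
"""
import re

# Constructed registry listing and bundled _meta.json reproducing the slug mismatch.
REGISTRY_ENTRY = {"ownerId": "owner-a1", "slug": "summarizerx64", "requires": {"env": []}}
META_JSON = {"ownerId": "owner-b2", "slug": "summarizerx86"}

# Constructed SKILL.md excerpt naming the same variables and config path as the scan.
SKILL_MD = """\
# Summarize
Set OPENAI_API_KEY, ANTHROPIC_API_KEY, XAI_API_KEY or GEMINI_API_KEY for the provider.
Optional fallbacks: FIRECRAWL_API_KEY and APIFY_API_TOKEN.
Config lives in ~/.summarize/config.json.
"""

# Upper-case identifiers with a secret-like suffix are treated as credential env vars.
ENV_PATTERN = re.compile(r"\b[A-Z][A-Z0-9_]*(?:_API_KEY|_API_TOKEN|_TOKEN|_SECRET|_KEY)\b")
# Paths under the user's home directory that the instructions may read or write.
HOME_PATHS = re.compile(r"~/[\w./-]+")


def metadata_mismatches(registry: dict, meta: dict, fields=("ownerId", "slug")) -> dict:
    """Fields whose registry value differs from the bundled _meta.json value."""
    return {f: (registry.get(f), meta.get(f)) for f in fields if registry.get(f) != meta.get(f)}


def undeclared_env_vars(skill_md: str, declared) -> list:
    """Credential-looking variables referenced in SKILL.md but absent from requires.env."""
    return sorted(set(ENV_PATTERN.findall(skill_md)) - set(declared))


def local_paths(skill_md: str) -> list:
    """Home-directory paths the instructions reference (trailing punctuation stripped)."""
    return sorted({p.rstrip(".,)") for p in HOME_PATHS.findall(skill_md)})


def review(registry: dict, meta: dict, skill_md: str) -> dict:
    mismatches = metadata_mismatches(registry, meta)
    undeclared = undeclared_env_vars(skill_md, registry.get("requires", {}).get("env", []))
    findings = []
    if mismatches:
        findings.append("provenance: registry and _meta.json disagree on " + ", ".join(mismatches))
    if undeclared:
        findings.append("credentials: undeclared env vars " + ", ".join(undeclared))
    paths = local_paths(skill_md)
    if paths:
        findings.append("local files read: " + ", ".join(paths))
    return {
        "metadata_mismatches": mismatches,
        "undeclared_env": undeclared,
        "local_paths": paths,
        "verdict": "suspicious" if (mismatches or undeclared) else "ok",
        "findings": findings,
    }


if __name__ == "__main__":
    for line in review(REGISTRY_ENTRY, META_JSON, SKILL_MD)["findings"]:
        print(line)
```

The suffix list in `ENV_PATTERN` is deliberately narrow so that ordinary shouting-case words in prose are not reported; extend it if a skill uses a provider whose variable name does not end in one of those suffixes. An undeclared variable is not itself malicious, but it means the agent host cannot scope or prompt for that credential, which is exactly the gap the Credentials finding describes.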
Persistence & Privilege
ok
The skill is not marked always:true and uses normal user-invocable/autonomous invocation defaults. It does not request system-wide config changes or other skills' credentials in the provided materials.