Skill v1.0.0
ClawScan security
Idea Check · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious (Mar 5, 2026, 2:47 PM)
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's instructions are coherent with its stated purpose, but it relies on an external MCP server (run via mcporter/uvx) that is not included or described; this creates an opaque execution and network-access surface the user should review before installing.
- Guidance: This skill delegates all scanning work to an external MCP server you must register/run (uvx idea-reality-mcp) via the mcporter tool. Before installing or running it:
  1. Ensure you trust the source of that MCP server code: review its source or run it in a sandbox.
  2. Ask what API keys or credentials the MCP requires and where/how they will be stored.
  3. Be aware the MCP can make arbitrary network requests and could exfiltrate data.
  4. If you cannot audit the MCP, avoid registering/running it on machines with sensitive credentials, or run it in an isolated environment.
Review Dimensions
- Purpose & Capability [note]: The name/description (scan GitHub, HN, npm, PyPI, Product Hunt) matches the workflow: the skill delegates scans to an external MCP service. Requiring the mcporter binary is consistent with that design, but the need for an external 'idea-reality-mcp' server is not documented in the skill metadata and is external to the package.
- Instruction Scope [note]: Runtime instructions only call mcporter with an idea text and depth; they do not read local files or env vars. However, the actual scanning work is performed by the external MCP server (uvx idea-reality-mcp), which could perform arbitrary network requests and access local resources; that behavior is outside the skill and therefore opaque.
- Install Mechanism [ok]: This is instruction-only with no install spec or code files, so the skill itself writes nothing to disk. The README suggests installing mcporter (npm) and running uvx, but those steps are external to the skill.
- Credentials [concern]: The skill declares no environment variables or credentials, which is good. However, the external MCP server that it invokes will likely need API keys or tokens to query GitHub, Product Hunt, etc. Those credentials and how they are stored/used are not declared here, making the overall credential footprint opaque and potentially disproportionate to what's visible in the skill.
- Persistence & Privilege [ok]: The skill does not request always-on presence, does not modify other skills' configs, and is user-invocable only. It does rely on a locally registered MCP service but does not itself demand persistent privileges.
