ecap Security Auditor
Verdict: Suspicious. Audited by ClawScan on May 10, 2026.
Overview
This is a coherent security-audit skill, but its artifacts expose a registry API token and document weaknesses that could let unreviewed or fake registry data drive automatic install decisions.
Review this skill carefully before installing. If you use it, treat registry results as advisory, do not allow automatic blocking without confirmation, inspect the included scripts, and wait for the exposed API token and registry anti-abuse issues to be fixed.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Impact: Anyone who can read the package may be able to act as the registry agent whose token is exposed and submit or manipulate trust-registry data.
Details: The documentation includes an apparent bearer credential in runnable POST examples instead of a placeholder.
Evidence: -H "Authorization: Bearer ecap_2c909be35dfa..."
Recommendation: Revoke and rotate the token, remove it from examples and repository history, and require users to register and store their own credentials securely.

Impact: A false registry report could cause the agent to block a legitimate package or mislead users about package safety.
Details: The skill's automatic gate uses registry findings and trust scores, so unreviewed bogus findings can cascade into install warnings, blocks, or trust-score damage.
Evidence: Successfully submitted a fake critical finding ... API accepted it without any verification ... Findings are immediately active (`status: reported`).
Recommendation: Do not automatically block on unreviewed findings; require review/reputation controls, signed evidence, or explicit user confirmation before gate decisions affect installs.

Impact: The agent may contact external services and interrupt installs even when the user did not explicitly ask for this specific check.
Details: The skill instructs the agent to run tools and block installs automatically across package ecosystems, with limited per-action user control in the documented flow.
Evidence: Every time you install or use a package, run this check automatically ... `pip install <package>` / `npm install <package>` ... Score < 40 | 🔴 Block
Recommendation: Require user approval for automatic audits and any blocking decision, and document clear behavior for API failures, unknown packages, and disputed findings.

Impact: A manipulated verification endpoint could make tampered files appear trusted.
Details: The artifact's own adversarial report says the integrity verifier can be redirected to a controlled API endpoint, weakening the provenance check.
Evidence: `verify.sh` accepts an arbitrary second argument as API URL ... bypassing integrity verification entirely.
Recommendation: Hardcode or allowlist trusted integrity endpoints, validate URLs, and prefer signed integrity metadata over unsigned remote responses.
