Skill v1.0.0
ClawScan security
Eightctl · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Feb 11, 2026, 8:20 AM
- Verdict: suspicious
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's documented runtime instructions (and embedded install metadata) ask for a specific binary and user credentials, but the registry metadata omitted those requirements; this mismatch and the implied install-from-source warrant caution.
- Guidance: This skill appears to do what it claims (control Eight Sleep pods), but there are mismatches between the registry metadata and the SKILL.md: the skill expects a local eightctl binary and your Eight Sleep credentials (EIGHTCTL_EMAIL / EIGHTCTL_PASSWORD or ~/.config/eightctl/config.yaml), yet the registry declared no env or install requirements. Before installing or enabling:
  1. Verify the source (visit the eightctl upstream repo at github.com/steipete/eightctl) and inspect the code you will build.
  2. Prefer creating a limited account or API credentials rather than using your primary account/password.
  3. If you don't want to build/install binaries, ensure your agent environment already has a vetted eightctl binary.
  4. Ask the publisher to correct the registry metadata so required env vars and install steps are explicit.
  These steps reduce risk even though the skill itself is not clearly malicious.
- Findings
  - [no_regex_findings] expected: The repository contains only SKILL.md (no code files), so the regex scanner had nothing to analyze. The SKILL.md itself includes install metadata which the registry summary omitted.
Review Dimensions
- Purpose & Capability: ok. The name/description (control Eight Sleep pods) matches the commands shown in SKILL.md (status, temp, alarms, schedules). The functionality described is internally consistent with using an eightctl CLI.
- Instruction Scope: ok. SKILL.md's runtime instructions are narrowly scoped to invoking the eightctl CLI and using its subcommands. It does not instruct reading unrelated system files or sending data to third-party endpoints beyond the Eight Sleep API.
- Install Mechanism: note. SKILL.md front-matter includes an install entry that builds/installs eightctl from a GitHub Go module (github.com/steipete/eightctl@latest). Installing from a public GitHub Go module is a common, traceable choice but is higher-risk than an instruction-only skill because it compiles and writes a binary to disk; verify the upstream source before building. The @latest suffix also resolves to whichever version is newest at build time, so once you have reviewed a version, pin that version rather than installing @latest.
- Credentials: concern. SKILL.md references a config path (~/.config/eightctl/config.yaml) and environment variables EIGHTCTL_EMAIL and EIGHTCTL_PASSWORD, but the registry metadata claims 'no required env vars' and 'no install spec'. This inconsistency is concerning: the skill expects account credentials (sensitive) that were not declared by the registry.
- Persistence & Privilege: ok. The skill is not always-enabled and does not request elevated platform privileges or modify other skills. It appears to be invoked only when used.
