Skill v1.0.0
ClawScan security
Trello · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Feb 11, 2026, 8:21 AM
- Verdict
- suspicious
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's instructions match its stated purpose (calling the Trello REST API), but the registry metadata omits the credentials (TRELLO_API_KEY, TRELLO_TOKEN) and the binary (jq) that SKILL.md requires. This incoherence should be corrected before use.
- Guidance
- This skill appears to be a straightforward Trello CLI how-to: it uses curl + jq and requires your Trello API key and token. Before installing or enabling it, consider the following:
  - Metadata mismatch: SKILL.md requires TRELLO_API_KEY, TRELLO_TOKEN, and jq, but the registry entry lists none of them. Ask the publisher to fix the declared requirements so the platform can manage the secrets and binaries correctly.
  - Only provide a Trello API key/token if you trust the skill source. A token grants whatever scope (read, write, account) it was authorized with, for its full lifetime, on your Trello account. Treat both values as sensitive secrets and store them in the platform's secret store, not in shared shell startup files.
  - Avoid pasting the key or token on the command line in shared shells or logs. The Trello API takes them as URL query parameters, so a curl invocation built on the command line exposes them in process listings, shell history, and proxy logs. Prefer the platform's environment or secret-management features, and keep the values out of argv.
  - Because this is instruction-only, there is no downloaded code, which lowers install risk. Still verify the skill owner (kn70py...) and, if possible, use a Trello token scoped to read-only access with a short expiration rather than a write token that never expires.
- If you are unsure or cannot confirm the publisher, do not set your real Trello credentials until the metadata is corrected and you have validated the source.
Review Dimensions
- Purpose & Capability
- note · The SKILL.md describes standard Trello REST API operations (list boards/lists/cards, create/move/archive cards) and uses curl/jq. Those requirements are coherent with the skill name and description. However, the registry-level metadata included with the skill (requirements section) declares no required env vars or binaries, while the SKILL.md explicitly needs TRELLO_API_KEY, TRELLO_TOKEN, and jq: a packaging/metadata mismatch.
- Instruction Scope
- ok · Runtime instructions are narrow and prescriptive: they show curl calls to api.trello.com using the API key/token and jq to format output. The instructions do not ask to read unrelated files or system config, and do not send data to any endpoint other than Trello. They do, however, instruct users to place sensitive credentials in environment variables (expected for API usage).
- Install Mechanism
- ok · This is an instruction-only skill with no install spec and no code files, so nothing is written to disk by the skill itself. That minimizes install risk.
- Credentials
- concern · The credentials requested in SKILL.md (TRELLO_API_KEY and TRELLO_TOKEN) are appropriate and proportionate for a Trello integration. The concern is that the registry metadata does not declare these required env vars (and does not declare jq), so the platform may not surface or manage those secrets properly for users. This metadata omission creates a risk of misconfiguration or accidental credential exposure.
- Persistence & Privilege
- ok · The skill does not request permanent presence (always: false) and does not modify other skills or agent-wide config. Autonomous invocation is enabled (default), which is normal and expected for skills, and does not by itself increase concern here.
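The Guidance and Credentials items above tell the user to keep the key and token out of argv and to prefer a scoped, short-lived token. The following is an added example written for this review, not code from the Trello skill, its publisher, or ClawHub. It assumes the two env var names SKILL.md uses; the function names, the application name passed to Trello, and the placeholder key/token values are constructed for illustration. It reads the credentials from the environment, feeds them to curl as a config on stdin (so `ps`, shell history, and argv audit logs never see them), and builds the authorize URL for a read-only token with a one-day expiration, using the parameters Trello documents for its `/1/authorize` endpoint.

```shell
#!/bin/sh
# Added example for this review (not part of the Trello skill or ClawHub):
# call the Trello REST API from a shell without putting the key/token in
# the process argument list. Function names and demo values are made up.

# Fail closed unless both secrets SKILL.md needs are in the environment.
require_trello_creds() {
  [ -n "${TRELLO_API_KEY:-}" ] && [ -n "${TRELLO_TOKEN:-}" ]
}

# Print a curl config for one Trello endpoint (path is relative to /1/).
# The credentials go into the config that curl reads from stdin, so they
# never appear in `ps`, shell history or argv-based audit logs. Trello keys
# and tokens are hex strings, so no extra quoting is needed inside the config.
trello_curl_config() {
  printf 'url = "https://api.trello.com/1/%s"\n' "$1"
  printf 'data-urlencode = "key=%s"\n' "$TRELLO_API_KEY"
  printf 'data-urlencode = "token=%s"\n' "$TRELLO_TOKEN"
  printf 'get\nsilent\nshow-error\nfail\n'   # -G: send data as query string
}

# GET an endpoint; `curl -K -` reads the config (and the secrets) from stdin.
trello_get() {
  require_trello_creds || { echo 'set TRELLO_API_KEY and TRELLO_TOKEN first' >&2; return 2; }
  trello_curl_config "$1" | curl -K -
}

# The skill's "list boards" step, with jq formatting as SKILL.md describes.
trello_boards() {
  trello_get members/me/boards | jq -r '.[] | "\(.id)\t\(.name)"'
}

# Build the URL a user visits to mint a token limited to the scope and
# lifetime the skill actually needs (read, 1 day by default) instead of a
# write token that never expires. Parameters follow Trello's documented
# /1/authorize endpoint; the application name shown is a placeholder.
trello_authorize_url() {
  scope="${1:-read}"
  expiration="${2:-1day}"
  printf 'https://trello.com/1/authorize?expiration=%s&scope=%s&response_type=token&name=%s&key=%s\n' \
    "$expiration" "$scope" "clawhub-trello-skill" "$TRELLO_API_KEY"
}

# Offline demo with constructed placeholder secrets (never real ones):
# TRELLO_DEMO=1 sh trello.sh  prints the generated config and authorize URL.
if [ "${TRELLO_DEMO:-}" = 1 ]; then
  TRELLO_API_KEY=0123abcd TRELLO_TOKEN=feed4321
  export TRELLO_API_KEY TRELLO_TOKEN
  trello_curl_config members/me/boards
  trello_authorize_url read 1day
fi
```

With the real values exported from the platform's secret store, `trello_boards` performs the skill's "list boards" call; a `set -x` trace or a shell run with `xtrace` enabled would still echo the config lines, so debugging tracing should stay off in shared sessions.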
