gqllint
Warn
Audited by ClawScan on May 10, 2026.
Overview
GQLLint mostly behaves like a local GraphQL scanner, but its license-key parsing embeds decoded license data in generated Python/Node source, so crafted license data can execute code.
Review this skill carefully before installing. Its local GraphQL scanning and optional git hooks are generally consistent with its purpose, but the license-validation code should be fixed because crafted license data could execute local code.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A malicious or malformed license key, or a compromised local config containing one, could cause commands to run under the user's account when the skill checks status or enables paid-tier scans.
The decoded JWT payload comes from the license key and is inserted directly into Python/Node source code instead of being passed as data. A crafted token payload could break out of the string and run local code during license checks.
decoded=$(echo "$padded" ... | base64 -d ...); exp_val=$(python3 -c "import json; print(json.loads('$decoded').get('exp', ''))" ...)
Do not install until the license parser is fixed to parse JSON via stdin or a safely escaped argument, and verify JWT signatures without embedding token contents into generated code.
If run on a broad directory, it may inspect more local code than intended and include source lines in results.
The scanner is designed to read many files under the chosen target and print detailed findings. This is expected for a lint/security scanner, but it can expose source snippets in local output or reports.
Discovers all source files (skips .git, node_modules, binaries, images, .min.js) ... Outputs findings with: file, line number, check ID, severity, description, recommendation
Run it only against the intended repository or subdirectory, and review generated output before sharing it.
The skill can access the configured GQLLint license key locally.
The skill reads a GQLLint API/license key from a scoped OpenClaw config entry or environment variable. This is purpose-aligned for paid tiers and is disclosed, but it is still sensitive credential access.
OPENCLAW_CONFIG="${HOME}/.openclaw/openclaw.json" ... cfg.get('skills', {}).get('entries', {}).get('gqllint', {}).get('apiKey', '')
Store only the intended GQLLint key in the configured entry, and avoid passing secrets on the command line on shared systems.
Commits or pushes may be blocked by future automatic scans until hooks are removed or bypassed.
The optional git-hook configuration persists in a repository and automatically invokes GQLLint during commit and push workflows. This is disclosed and purpose-aligned, but it changes ongoing repository behavior.
Pre-commit: scans staged files ... Pre-push: runs full scan of the working tree before push
Install hooks only in repositories where this behavior is desired, review lefthook.yml, and uninstall the hooks if they are no longer needed.
