Skill v1.0.0
ClawScan security
Recoup Sandbox Setup · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict: Suspicious (Feb 20, 2026, 1:38 AM)
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The instructions match the stated goal (scaffolding org/artist folders via the Recoup CLI) but the skill omits declaring required tooling and authentication details and it instructs committing and pushing to a git remote—these mismatches merit caution before installing or running it.
- Guidance: This skill appears to do what it says (scaffold org/artist folders using the Recoup CLI), but it omits important operational details. Before installing or running it:
  - Ensure the 'recoup' CLI is installed on the machine that will run the skill; the skill does not declare this requirement.
  - Make sure the Recoup CLI is authenticated (Personal API Key or Org API Key) and understand where those credentials are stored; the SKILL.md assumes the CLI will already have access to your account but does not request or describe the credential.
  - Review the repository and branch you will push to. The instructions perform 'git commit' and 'git push origin main' — confirm that 'origin' and 'main' are the intended remote/branch and that automatic pushes are safe in your environment.
  - Run the commands manually first in a controlled environment (or a fork/temporary branch) to confirm behavior and examine the generated RECOUP.md files before automating.

  If you want this to be safer/clearer, request the skill author to: declare 'recoup' as a required binary, document required authentication and environment variables, and make the git push step optional or interactive.
Review Dimensions
- Purpose & Capability (concern): The skill's purpose is to use the Recoup CLI to enumerate orgs and artists and scaffold directories, which is coherent — however, the registry metadata declares no required binaries or credentials while the SKILL.md plainly depends on the 'recoup' CLI and on Recoup authentication (Personal API Key or Org API Key). Not declaring the Recoup binary or the need for authenticated CLI access is an inconsistency.
- Instruction Scope (concern): The SKILL.md stays focused on scaffolding, but it instructs the agent to run 'recoup orgs list' and 'recoup artists list' (which will read local CLI credentials/config) and to run 'git add && git commit && git push' (which will interact with local git config and remote credentials). The instructions do not specify how authentication is provided, do not check for 'recoup' being installed, and assume pushing to 'origin main' is appropriate — these are operational assumptions that could lead to unintended side effects.
- Install Mechanism (ok): This is an instruction-only skill with no install spec and no code files, so nothing will be downloaded or written by an installer. That low-install footprint is appropriate for a scaffolding script.
- Credentials (concern): The metadata declares no required environment variables, but the SKILL.md references an optional RECOUP_ACCOUNT_ID and implicitly requires Recoup CLI credentials (Personal or Org API Key) to be present in the user's CLI configuration. The lack of explicit declaration for the Recoup credential or other auth artifacts is disproportionate to the task and hides a dependency on local secret/config state.
- Persistence & Privilege (ok): The skill does not request permanent inclusion (always: false) and does not modify other skills or global agent configuration. However, it does instruct creating files and committing/pushing them to a remote repo, which is a normal operation for a setup task but still requires user attention and appropriate git credentials.
