Skill v0.1.0
ClawScan security
Wrike · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 19, 2026, 1:04 PM
- Verdict: benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's declared purpose, runtime instructions, required token, and install method are internally consistent with a Wrike CLI adapter, but the npm package origin is unspecified and should be verified before installing.
- Guidance: This skill appears coherent for controlling Wrike via a CLI and only needs a Wrike API token. Before installing: verify the npm package 'claw-wrike' is the expected/official package (check npmjs.com, package maintainers, release history, and source repository); inspect the package contents or repository (install scripts, postinstall hooks) if you can; prefer creating a token with least privilege and rotate/revoke it if needed; check that ~/.claw-wrike/config.json is created with safe file permissions and that the CLI masks tokens when showing config; and consider running the CLI in a least-privilege environment or container if you are unsure of package provenance.
Review Dimensions
- Purpose & Capability: ok. The skill is named 'Wrike' and documents a Wrike CLI (claw-wrike) that uses a WRIKE_TOKEN. Required binary (claw-wrike), primary env var (WRIKE_TOKEN), and the documented commands align with the described purpose.
- Instruction Scope: ok. SKILL.md only instructs using the claw-wrike CLI against the Wrike REST API and references storing the token in ~/.claw-wrike/config.json. It does not ask the agent to read unrelated system files, other env vars, or send data to unexpected endpoints.
- Install Mechanism: note. Install is via npm package 'claw-wrike', which is a reasonable choice for a Node CLI but carries the usual npm risks: install-time scripts can execute arbitrary code and the registry/package provenance is not provided in the metadata. The install spec is not a remote URL extract and looks proportional to the task.
- Credentials: ok. Only a single credential (WRIKE_TOKEN) is required and declared as the primary credential. That is appropriate for a Wrike integration; no unrelated secrets or config paths are requested.
- Persistence & Privilege: ok. always:false (no forced-permanent inclusion). The skill stores the token in its own config path (~/.claw-wrike/config.json) per instructions, which is consistent with CLI behavior and does not request elevated or cross-skill privileges.
