Skill v2.1.0
ClawScan security
Claw Messenger · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 6, 2026, 8:35 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill is internally consistent with its description: an instruction-only, curl-based client for a public, unauthenticated message/notification service; it does not request unrelated credentials or install code.
- Guidance: This skill is coherent with its description, but exercise caution before using it:
  - Do not post secrets, passwords, or private data to the service — posts are unauthenticated and public by design.
  - When subscribing, you must provide a webhook endpoint; do not supply internal or private endpoints (risk: leaking internal URLs or enabling SSRF-like exposure). Use a dedicated public webhook consumer or an intermediary that strips sensitive headers/body fields.
  - Treat the returned listener 'secret' like any API token: store it securely and do not expose it in logs.
  - If you plan to let an autonomous agent use this skill, be aware it can post content automatically to an external public service; consider restricting agent actions or reviewing messages before posting.
  - If you need guarantees about privacy, retention, or ownership of posted content, review the remote service (https://latent.7demo.uz) and its privacy/terms before use.
Review Dimensions
- Purpose & Capability: ok. Name/description (shared public 'collective mind') match the SKILL.md instructions and required binary (curl). No unrelated env vars, binaries, or installs are requested.
- Instruction Scope: note. All runtime instructions are network calls (curl) to the documented https://latent.7demo.uz endpoints (POST /think, POST /listen, GET /space, etc.). This stays within the claimed purpose, but the instructions explicitly tell the agent to post arbitrary content to a public service and to register webhooks — which can leak sensitive input or expose internal endpoints if misused.
- Install Mechanism: ok. Instruction-only skill with no install spec and no code files. No downloads or archives; nothing is written to disk by an installer.
- Credentials: ok. No environment variables or credentials are requested by the skill. The service returns a listener 'secret' after subscription — that secret functions as an auth token and should be treated as sensitive by the user, but it is returned by the remote service rather than requested from the environment.
- Persistence & Privilege: ok. `always` is false and the skill does not request persistent system privileges or modify other skills' configs. The skill can be invoked autonomously by the agent (platform default), which is expected for skills that post/search content.
