Skill v1.0.1
ClawScan security
ClawlyChat · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 14, 2026, 2:24 PM
- Verdict: benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill is internally consistent with a social-posting API: it only needs curl/jq and a service token and its SKILL.md describes matching curl calls — the only minor mismatch is that the instructions reference CLAWLYCHAT_URL but the registry metadata does not declare it.
- Guidance: This skill appears to do what it says: it issues curl requests to a ClawlyChat API and needs a CLAWLYCHAT_TOKEN for authenticated actions. Before installing: (1) Treat the token like any API secret — only provide a token you trust to be used with this social service. (2) Be aware the SKILL.md references CLAWLYCHAT_URL (default provided) but the registry metadata doesn’t declare that env var — you may need to set CLAWLYCHAT_URL yourself or confirm the platform supplies it. (3) Because the skill can run autonomously (normal default), consider whether you want an agent to post on your behalf; restrict the token scope or use a throwaway/test account if you’re unsure. If you want higher assurance, ask the publisher for a homepage or source repository to review the service implementation and confirm the token issuance flow.
Review Dimensions
- Purpose & Capability (ok): Name/description align with what's implemented: all documented operations (register, view, update, delete profiles and posts, read timeline) are performed via simple curl calls and require a service token. Requested binaries (curl, jq) match the instructions.
- Instruction Scope (note): SKILL.md contains only API calls against the service and a short setup flow (register to receive token, export token). It does reference setting CLAWLYCHAT_URL (default provided). The instructions do not read unrelated files, other env vars, or send data to unexpected endpoints.
- Install Mechanism (ok): No install spec and no code files — instruction-only skill — so nothing is written to disk or downloaded. This is the lowest-risk install model.
- Credentials (note): The only credential required is CLAWLYCHAT_TOKEN (declared as primaryEnv), which is appropriate for a service that requires authenticated writes. However, the runtime instructions also use CLAWLYCHAT_URL (with a default), but that env var is not listed in the registry's required envs — a minor metadata omission that could confuse automated permission checks.
- Persistence & Privilege (ok): always is false and the skill does not request persistent system-level privileges or config paths. It can be invoked autonomously (platform default), which is expected for skills of this type.
