Toani Vault CLI
Review
Audited by ClawScan on May 11, 2026.
Overview
The skill is coherent for installing and using the Toani Vault CLI, but users should be aware it handles tokens, can run remote sandbox browser actions, installs an npm CLI, and may write persistent agent skill files.
Before installing, make sure you trust the Toani npm package and intend to authenticate it with your Vault account. Treat tokens, base-URL overrides, and sandbox sessions carefully; keep browser automation user-directed, avoid copying unrelated secrets during login, and decline optional Claude/Codex skill installation unless you want persistent Toani instructions there.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing the skill may add a globally available `toani` executable from npm.
The skill directs installation of a global npm CLI package at the latest version. This is central to the stated purpose, but users are relying on the npm package provenance and whatever code is published there.
npm install -g @toani/vault-cli@latest
Install only if you trust the package source, and consider pinning or reviewing the package version in sensitive environments.
The CLI may access a token from your clipboard during login and store authentication material locally.
The CLI onboarding handles authentication tokens, reads the clipboard for a token during login, validates it, and stores it in the OS Keychain. This is expected for the integration but involves sensitive credential handling.
`toani login` semantics:
- interactive onboarding with browser guidance
- supports existing account, sign-up-first, and already-have-token paths
- watches the clipboard for a PASETO token
- validates the token by default
- stores the token in the OS Keychain when possible
Use this only when you intend to authenticate Toani Vault, avoid copying unrelated secrets during login, and verify token storage behavior on your operating system.
An agent using this skill could help drive a remote browser session or make backend-side HTTP requests as part of a Toani sandbox workflow.
The sandbox feature supports broad browser and backend-side HTTP operations, including script execution and credential-associated sessions. This matches the sandbox automation purpose, but it can affect third-party sites or accounts if misused.
Supported operation types to rely on:
- `navigate`
- `click`
- `fill`
- `get_text`
- `execute_script`
- `wait`
- `export`
- `dom_export`
- `http_request`
Keep sandbox actions tied to explicit user requests, review target URLs and actions before using credentials, and terminate sessions when finished.
The CLI may offer to add Toani-related instructions to Claude or Codex skill directories.
The CLI login flow may optionally create persistent skill files for other coding-agent environments. This is disclosed and appears optional, but it can affect future agent behavior outside the current OpenClaw skill.
may optionally install the bundled skill into `~/.claude/skills/toani-vault-cli/` or `~/.codex/skills/toani-vault-cli/`
Only allow bundled skill installation if you want those agents to have Toani Vault instructions, and remove the files later if no longer needed.
