Skill v1.0.0
ClawScan security
Nudgen: AI-Powered Email Retention & Automation · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 29, 2026, 10:29 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The package is internally consistent for a Nudgen-focused email/CLI/API guidance skill; it is instruction-only and does not request unrelated credentials or install arbitrary code, though its docs reference standard CLI install patterns and use of a Nudgen PAT that you should handle carefully.
- Guidance: This is an instruction-only package that documents how to use the Nudgen API and CLI and gives email deliverability guidance. Things to consider before using or following its commands: 1) Expect to supply a Nudgen Personal Access Token (PAT) for API calls — never paste that into untrusted consoles or public prompts. 2) The docs recommend installing a separate nudgen CLI; if you run the suggested install script (curl | bash), review the script on GitHub first rather than piping blindly. 3) The CLI auth flow opens a browser and starts a local callback on port 3456 and saves tokens to your system keychain and ~/.nudgen/config.json — ensure you are comfortable with that behavior. 4) The package does not request unrelated credentials or system access, but verify the upstream URLs (app.nudgen.net, github raw URLs) are legitimate for your organization before proceeding. If you need higher assurance, ask the publisher for an official homepage or signed release artifacts and verify the nudgen-cli repo contents before installing.
Review Dimensions
- Purpose & Capability (note): The skill's name and description (Nudgen email retention, automation, and marketing) match the included API, CLI, and email-best-practices instructions. One minor inconsistency: the docs and examples routinely reference a Nudgen PAT (e.g., $NUDGEN_PAT) and keychain-backed token storage, but the package metadata lists no required env vars or primary credential. This is not dangerous by itself (the skill is only guidance), but callers should expect to supply a PAT when integrating with the actual Nudgen API/CLI.
- Instruction Scope (ok): SKILL.md and sub-skill docs stay within scope: they provide endpoint shapes, curl examples, CLI commands, deliverability guidance, and operational caveats. They reference expected local artifacts (system keychain, ~/.nudgen/config.json) and a browser callback flow on localhost:3456 for CLI auth — all coherent with a CLI/API guidance package and not requesting unrelated system data or secrets beyond the Nudgen PAT/token.
- Install Mechanism (note): The skill itself has no install spec and contains no code files to execute at runtime, which is low risk. However, its README and CLI reference recommend installing an external nudgen CLI via either 'go install', git clone/make, or a curl|bash install script hosted on raw.githubusercontent.com. Those external install commands (especially piping a remote script to bash) are standard but carry the usual risk — review the install script/source before running it on your machine.
- Credentials (note): The material sensibly expects a Nudgen PAT for API/CLI interactions and refers to storing tokens in the system keychain. No unrelated credentials are requested. The metadata did not declare required env vars (e.g., NUDGEN_PAT) even though examples use them; this is a minor documentation mismatch but not an abuse of permissions.
- Persistence & Privilege (ok): The skill is not always-enabled and does not request elevated privileges. It documents normal CLI behavior that stores tokens in the system keychain and a config file at ~/.nudgen/config.json. Those are expected side effects of using the Nudgen CLI and are not unusual for this purpose.
