Skill v1.0.0

ClawScan security

basal-ganglia-memory · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 22, 2026, 2:24 AM
Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary
The skill's documentation and runtime instructions claim it will call an external SkillBoss API and require SKILLBOSS_API_KEY, but the registry metadata lists no required credentials or install steps — this mismatch is suspicious and should be clarified before installation.
Guidance
Do not install or grant credentials yet. Ask the publisher to resolve the mismatch: either update the registry metadata to declare SKILLBOSS_API_KEY and the SkillBoss endpoint, or remove that requirement from SKILL.md. Request a clear description of what data the skill will send to https://api.skillbossai.com/v1/pilot, and ask for source code or a trustworthy homepage. Because this skill is 'Under Development' and currently instruction-only, wait for a stable release with aligned metadata and explicit, minimal credential needs before enabling it or providing any API keys. If you must test, avoid giving real API keys and monitor network calls and agent activity closely.

Review Dimensions

Purpose & Capability
concern: The skill claims habit-formation/procedural-memory functionality and (in SKILL.md) says it will use the SkillBoss API. The registry metadata, however, declares no required environment variables or credentials. Requiring an external API key (SKILLBOSS_API_KEY) would be consistent with the claimed capability, but the manifest omission is an incoherence that needs explanation.
Instruction Scope
concern: SKILL.md is high-level and marked 'Under Development', but its embedded metadata explicitly lists SKILLBOSS_API_KEY and a specific API endpoint (https://api.skillbossai.com/v1/pilot). The instructions do not include concrete, limited runtime steps and currently give the agent broad potential to call an external service; absent implementation details, it's unclear what data would be sent to that endpoint.
Install Mechanism
note: This is an instruction-only skill with no install spec or code files, which reduces direct disk-write/install risk. That said, the SKILL.md indicates future networked behavior (SkillBoss API); network calls will be the primary runtime risk once implemented.
Credentials
concern: The SKILL.md declares SKILLBOSS_API_KEY as a required env var, but the registry metadata lists none. A single API key for an external service could be proportionate, but the missing declaration in the manifest and lack of justification for what data is transmitted make the request suspicious. There are currently no other env or config requests.
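A practitioner-side version of the cross-check described under Purpose & Capability and Credentials, as an added example (not ClawHub's scanner code): it parses a SKILL.md frontmatter block and body, collects the env vars and endpoints the skill text itself declares, and diffs them against the registry manifest. The frontmatter layout (a `metadata` key carrying JSON with `openclaw.requires.env`), the manifest field names `required_env` and `endpoints`, and both sample inputs are assumptions constructed to mirror this report, not the actual artifact or ClawHub's schema.

```python
"""Cross-check a skill's SKILL.md against its registry manifest.

Added example: reports credentials and endpoints that SKILL.md declares
but the registry metadata leaves undeclared. Frontmatter layout and
manifest field names are assumptions for illustration; both sample
inputs below are constructed to mirror the scan report.
"""
import json
import re
from dataclasses import dataclass, field

URL_RE = re.compile(r"https?://[^\s)>\"']+")
SECRET_NAME_RE = re.compile(r"\b[A-Z][A-Z0-9_]{3,}_(?:KEY|TOKEN|SECRET)\b")

# Constructed SKILL.md: declares an API key and an endpoint.
SAMPLE_SKILL_MD = """---
name: basal-ganglia-memory
version: 1.0.0
description: Habit-formation / procedural memory for agents
metadata: {"openclaw": {"requires": {"env": ["SKILLBOSS_API_KEY"]}}}
---
# basal-ganglia-memory (Under Development)

This skill sends habit traces to https://api.skillbossai.com/v1/pilot
and needs SKILLBOSS_API_KEY in the environment.
"""

# Constructed registry manifest: nothing declared (assumed field names).
SAMPLE_MANIFEST = {
    "name": "basal-ganglia-memory",
    "version": "1.0.0",
    "required_env": [],
    "endpoints": [],
    "install": None,
}


@dataclass
class SkillDeclarations:
    env: set = field(default_factory=set)
    endpoints: set = field(default_factory=set)


def parse_frontmatter(text: str) -> tuple[dict, str]:
    """Split a leading `---` block from the body; JSON-valued keys are decoded."""
    m = re.match(r"^---\n(.*?)\n---\n(.*)$", text, re.S)
    if not m:
        return {}, text
    meta = {}
    for line in m.group(1).splitlines():
        if ":" not in line:
            continue
        key, _, value = line.partition(":")
        value = value.strip()
        if value.startswith("{"):
            try:
                value = json.loads(value)
            except json.JSONDecodeError:
                pass  # keep the raw string if it is not valid JSON
        meta[key.strip()] = value
    return meta, m.group(2)


def extract_declarations(skill_md: str) -> SkillDeclarations:
    """Collect env vars and URLs the skill text itself declares."""
    meta, body = parse_frontmatter(skill_md)
    decl = SkillDeclarations()
    # Assumed location of declared env vars inside the frontmatter metadata.
    metadata = meta.get("metadata", {})
    if isinstance(metadata, dict):
        decl.env.update(metadata.get("openclaw", {}).get("requires", {}).get("env", []))
    # Also catch credential-looking names the prose says are needed.
    decl.env.update(SECRET_NAME_RE.findall(body))
    decl.endpoints.update(URL_RE.findall(body))
    return decl


def find_mismatches(skill_md: str, manifest: dict) -> dict:
    """Return what SKILL.md requires that the manifest does not declare."""
    decl = extract_declarations(skill_md)
    return {
        "undeclared_env": sorted(decl.env - set(manifest.get("required_env", []))),
        "undeclared_endpoints": sorted(decl.endpoints - set(manifest.get("endpoints", []))),
    }


def verdict(mismatches: dict) -> str:
    """Any undeclared credential or endpoint is enough to hold installation."""
    if mismatches["undeclared_env"] or mismatches["undeclared_endpoints"]:
        return "suspicious"
    return "ok"


if __name__ == "__main__":
    result = find_mismatches(SAMPLE_SKILL_MD, SAMPLE_MANIFEST)
    print(verdict(result), json.dumps(result, indent=2))
```

Run against the constructed inputs it reports SKILLBOSS_API_KEY and the pilot endpoint as undeclared, which is exactly the incoherence the scanner flags; once the publisher aligns the manifest (or drops the requirement from SKILL.md) the same check returns "ok". The body scan is deliberately broader than the frontmatter, because an instruction-only skill can tell the agent to use a credential without ever declaring it.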
Persistence & Privilege
ok: The skill does not request always:true and is user-invocable; there is no install spec that writes persistent binaries or modifies other skill configs. Persistence/privilege concerns are low based on available artifacts.