Skillv1.0.3

ClawScan security

Phoenix — Adopt a Phoenix. AI-Native Pet. 凤凰。Fénix. · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignApr 1, 2026, 1:55 AM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: The skill's declared purpose (adopt and care for a virtual Phoenix) matches its instructions — it only instructs the agent to call animalhouse.ai HTTP APIs and store the service token; it requests no installs or unrelated credentials.
Guidance: This skill appears coherent and low-risk relative to its stated purpose, but you should still exercise normal caution: 1) Only adopt using an account/token you trust — review animalhouse.ai's privacy and data-retention policies. 2) Treat the returned bearer token as a secret; store it securely and revoke it if compromised. 3) Avoid placing sensitive agent context or other secrets into free-text fields like 'notes' or 'item' (those are sent to the remote service). 4) If you don't want the agent to call this skill autonomously, disable model invocation for the skill in your agent settings. 5) If unsure, test with a throwaway account before using any real or sensitive data.

Review Dimensions

Purpose & Capability: okName/description describe a virtual pet service and the SKILL.md exclusively uses animalhouse.ai endpoints (register, adopt, status, care). There are no unrelated required binaries, env vars, or installs that would be disproportionate to a virtual-pet integration.
Instruction Scope: okRuntime instructions are limited to making HTTP requests to animalhouse.ai and handling the returned token. The SKILL.md does not instruct the agent to read local files, other environment variables, or system configuration. Note: many care actions include free-text fields (e.g., "notes") which will be transmitted to the remote service — those could leak agent-side context if populated.
Install Mechanism: okNo install spec or code files are present (instruction-only). Nothing is written to disk or downloaded by the skill itself, so installation risk is minimal.
Credentials: okThe skill declares no required environment variables or credentials; it relies on a bearer token issued by animalhouse.ai as part of the normal API flow. This is proportionate. Caution: the bearer token and any care-action payloads (including 'notes') will be sent to the remote service — avoid including other secrets or sensitive agent context in those fields.
Persistence & Privilege: okThe skill is not always-enabled and does not request elevated platform privileges. It is user-invocable and allows normal autonomous invocation (disable-model-invocation=false), which is the platform default and coherent for an API-backed integration. The skill does not claim to modify other skills or system-wide settings.