Skill v1.1.0

ClawScan security

Polyglot · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign (Mar 14, 2026, 7:35 AM)
Verdict: benign
Confidence: medium
Model: gpt-5-mini
Summary
This is a coherent wrapper around a paid external translation API (aiprox.dev) that requires a spend token and will send your text to that third party — it appears to do what it says, but you should not send sensitive data and should verify the provider and token scope.
Guidance
This skill appears to be a straightforward wrapper for a paid translation API, but it will send whatever text you give it (including any PII, secrets, or confidential content) to a third-party endpoint and uses a spend token for billing. Before installing:
1) Do not use the skill to translate sensitive or confidential text unless you trust aiprox.dev and have verified its privacy/logging policy.
2) Confirm what privileges and billing scope AIPROX_SPEND_TOKEN grants; prefer a limited/one-use token.
3) Test with non-sensitive text to confirm behavior and any costs.
4) If you require on-device or offline translations, this skill is not appropriate.
5) If you need stronger assurance that data is not logged/stored, ask the provider for written guarantees or audited policies.

Review Dimensions

Purpose & Capability
ok: Name, description, and runtime instructions all describe a translation service and the declared requirement (AIPROX_SPEND_TOKEN) is consistent with calling a paid external API. No unrelated binaries, credentials, or installs are requested.
Instruction Scope
note: SKILL.md instructs the agent to POST arbitrary user text to https://aiprox.dev/api/orchestrate with the X-Spend-Token header. That matches the stated purpose (remote translation) but means user-provided text is transmitted to a third party; the file also contains an unverifiable trust statement that data is not stored or logged.
Install Mechanism
ok: Instruction-only skill with no install spec and no code files; nothing is written to disk by the skill itself, which is the lowest-risk install pattern.
Credentials
note: Only a single environment variable (AIPROX_SPEND_TOKEN) is required, which is proportionate for a paid API. Treat the token as sensitive: it likely enables billing/spend and possibly API access, so ensure the token is scoped/limited and not reused for other services.
Persistence & Privilege
ok: always is false and the skill does not request system-wide persistence or modify other skills. Autonomous invocation is enabled by default but not excessive here.