Skill v1.0.3
ClawScan security
valuescan-monitor-skill · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Review · Apr 14, 2026, 12:29 PM
- Verdict: Review
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's code and SKILL.md match its stated purpose (subscribe to ValueScan streams and persist events), but the registry metadata omits the required credentials and the skill instructs the agent to store API secrets in plaintext and manage background processes — these inconsistencies and persistence behaviors warrant caution.
- Guidance: Before installing:
  1. Note that the registry metadata does not list the API credentials, but the SKILL.md and code require them — ask the publisher to clarify.
  2. The skill will ask you for your ValueScan API Key and Secret and store them in plaintext at ~/.vs-monitor/config.json; avoid providing other unrelated credentials and consider using a dedicated, restricted account or container.
  3. The skill runs persistent background processes and writes/reads PID files and logs; review the included scripts yourself (they are present) and run them in a sandbox (container/VM) if you are unsure.
  4. If you accept, verify that the stream endpoints (stream.valuescan.ai / api.valuescan.io) are expected, and consider encrypting the config or restricting filesystem permissions on ~/.vs-monitor to reduce exposure.
Review Dimensions
- Purpose & Capability (concern): The SKILL.md and included Python/TypeScript code clearly require a ValueScan API Key and Secret and will call stream.valuescan.ai / api.valuescan.io. However, the registry metadata lists no required environment variables or primary credential, which is inconsistent with the credentials declared in SKILL.md and the code. The network endpoints used are limited to valuescan domains (no unexpected third-party endpoints).
- Instruction Scope (note): Instructions stay within the stated monitoring purpose: ask the user for API credentials and an output directory, write a local config (~/.vs-monitor/config.json), start/stop background monitor processes, and write event data to local files. This is coherent with the description, but the agent is instructed to collect and persist secrets and to create/kill background processes and PID files — actions with meaningful system impact that should be acknowledged before granting the skill permissions.
- Install Mechanism (ok): There is no packaged install step (instruction-only), and the included code indicates standard Python/npm dependencies (requests, sseclient-py, eventsource). No downloads from untrusted URLs or extract-from-remote operations are present. The user will need to run pip/npm to satisfy dependencies, which is normal for these scripts.
- Credentials (concern): The skill legitimately needs a ValueScan API Key and Secret to authenticate SSE and API calls. However, the registry metadata did not advertise required credentials, while SKILL.md requires them and instructs storing them in plaintext at ~/.vs-monitor/config.json. Storing secret_key as cleartext and having the agent write it to disk is a sensitivity concern; the omission in the registry metadata is an incoherence that reduces transparency.
- Persistence & Privilege (note): The skill creates background monitor processes, writes PID files to ~/.vs-monitor/, and includes instructions to kill existing PIDs. always:false (not force-enabled) and autonomous invocation allowed (platform default). While not outright privileged, background processes and PID-based kill logic can affect the host (e.g., PID reuse risks). The skill does not request or modify other skills' configs.
