Skill v1.0.1
ClawScan security
Gumroad Analytics · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 2, 2026, 4:48 AM
- Verdict
- Benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's code and documentation are internally consistent: it reads a local Gumroad credentials file, calls the Gumroad API, produces a daily summary, and only writes raw payloads when the user explicitly opts in.
- Guidance
- This skill appears to do what it says, but take these precautions before installing or running it:
  - Verify the credentials file (~/.config/gumroad/credentials.json) exists and contains only the Gumroad access token; keep file permissions restrictive (chmod 600) as recommended.
  - Be cautious with --store-raw: inspect the raw-output redaction logic and confirm it removes all PII fields you consider sensitive (the script only removes the keys 'email', 'full_name', 'name', 'buyer_email').
  - The script sends the token as a URL query parameter, which can be captured in logs; if you prefer, run it in a controlled environment or modify the script to use an Authorization header if Gumroad supports it.
  - Note that the script respects an optional GUMROAD_CREDENTIALS_FILE env var (not documented in SKILL.md); if you rely on that, ensure its value points to the intended file.
  - As with any third-party script, inspect the code yourself and run it in an isolated environment if you have concerns about credential exposure or file writes.
Review Dimensions
- Purpose & Capability
- ok: Name/description match the implementation: the script requires curl/python3/date and a Gumroad credentials JSON, calls api.gumroad.com/v2/sales and /products, computes a daily summary, and writes outputs under memory/metrics/gumroad. No unrelated services, binaries, or credentials are requested.
- Instruction Scope
- ok: SKILL.md just instructs the agent to run the included shell script. The script only reads the declared credentials file (or an optional override), makes HTTPS calls to Gumroad, writes a summary file, and optionally writes redacted raw files when --store-raw is passed. It does not read other system files or transmit data to unexpected endpoints.
- Install Mechanism
- ok: No install spec; instruction-only plus a small bundled shell script. Nothing is downloaded or written outside the working directory except the output files under memory/metrics/gumroad. This is low-risk and proportionate for the stated purpose.
- Credentials
- note: The skill declares no required environment variables, but the script will honor an optional GUMROAD_CREDENTIALS_FILE env var as an override (not documented in SKILL.md). The primary credential is a local credentials.json file, which is appropriate. Note: the script passes the access token as a query parameter in curl requests (access_token=...), which can be logged in some systems; consider using an Authorization header if Gumroad supports it. Also verify that redaction covers any PII fields you care about before enabling --store-raw.
- Persistence & Privilege
- ok: always is false and the skill does not modify other skills or global agent configuration. It writes output only to memory/metrics/gumroad within the workspace and does not persist raw payloads unless explicitly requested by the user.
