Skill v1.0.9

ClawScan security

Plusefin Analysis · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 10, 2026, 6:12 PM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill's code, runtime instructions, and requested environment variable align with its stated purpose (financial research using a PlusE API); nothing asks for unrelated credentials or system access.
Guidance
This skill appears coherent with its stated purpose, but before installing: 1) verify the upstream repository (https://github.com/plusefin/plusefin-skill) and inspect the code you will run; 2) ensure the PLUSEFIN_API_KEY you supply has minimal privileges and can be revoked/rotated; 3) run the CLI in an isolated environment if you are unsure (so network calls are sandboxed); and 4) confirm you trust requests to https://mcp.plusefin.com because all data is sent there under the provided API key.

Review Dimensions

Purpose & Capability
ok · Name/description request a PlusE API key and the code calls https://mcp.plusefin.com/api with an Authorization: Bearer header. The single required env var (PLUSEFIN_API_KEY) is appropriate for a service-backed financial-data CLI.
Instruction Scope
ok · SKILL.md instructs users to set PLUSEFIN_API_KEY and run python plusefin.py <command>. The included commands map directly to API endpoints implemented in plusefin.py; there are no instructions to read unrelated files, harvest local credentials, or send data to third-party endpoints outside the PlusE API. (Note: SKILL.md's advice to 'use search capabilities to gather research reports' is generic guidance and does not change the skill's own behavior.)
Install Mechanism
ok · No install spec is provided (instruction-only skill) and the bundled code is a small Python CLI that uses the standard library urllib. Nothing is downloaded from untrusted URLs or written to non-standard locations during install.
Credentials
ok · Only one environment variable is required (PLUSEFIN_API_KEY), declared as the primary credential. This is proportional and expected for a service-backed data-fetching tool; no other secrets or unrelated credentials are requested.
Persistence & Privilege
ok · The skill does not request persistent or elevated platform privileges (the always flag is false). It does not modify other skills or agent configuration and has no install-time behavior that persists beyond its own files.