Skill v1.0.2
ClawScan security
Envelope Sender · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 11, 2026, 9:51 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's instructions and credential use are generally coherent for sending a local PDF via an external eSignGlobal CLI, but there are a few mismatches and runtime risks (notably using npx without a pinned version and a small metadata inconsistency) that warrant caution.
- Guidance: This skill appears to do what it says (send a local PDF via the eSignGlobal CLI) and only needs your ESIGNGLOBAL_APIKEY and a single absolute PDF path. Before installing/using it: (1) Ensure you trust the npm package @esignglobal/envelope-cli and its publisher; npx will fetch and run code from the registry. Prefer preinstalling a vetted binary or pinning a specific package version (e.g., @esignglobal/envelope-cli@1.2.3) to avoid unexpected updates. (2) Verify the package source (GitHub repo, maintainer) and review its code if possible. (3) Do not pass sensitive files; only provide the specific PDF you intend to send. (4) Make sure ESIGNGLOBAL_APIKEY is set in the environment and that you understand which account it maps to. (5) Note the small metadata inconsistency: the registry shows no required env vars while the skill expects ESIGNGLOBAL_APIKEY; confirm this with the publisher or only run in an environment you control.
Review Dimensions
- Purpose & Capability (note): The skill's stated purpose (send a local PDF via the eSignGlobal CLI) aligns with the single primary credential (ESIGNGLOBAL_APIKEY) and the SKILL.md workflow. Minor inconsistency: registry metadata lists no required env vars while SKILL.md and the metadata block declare ESIGNGLOBAL_APIKEY as the primaryEnv.
- Instruction Scope (ok): SKILL.md limits behavior to a single, user-provided absolute PDF path, validates the file type, and instructs using the external CLI via npx. It explicitly forbids scanning directories, glob expansion, and printing or persisting secrets, and only asks for inputs needed for the task.
- Install Mechanism (concern): There is no install spec; runtime use of `npx @esignglobal/envelope-cli` means the agent will fetch and execute code from the npm registry at runtime. SKILL.md does not pin a package version or provide a checksum, increasing risk if the package or its maintainer is compromised.
- Credentials (note): Requesting ESIGNGLOBAL_APIKEY is proportional to the stated task. However, the registry metadata's omission of required env vars is a small inconsistency. The skill expects Node.js 18+, which is reasonable but not declared in the registry's 'required binaries'.
- Persistence & Privilege (ok): The skill does not request always-on presence, does not modify other skills, and is instruction-only. It does require the agent to execute an external CLI at runtime but does not request persistent agent-level privileges.
