v1.0.0

Komodo

ReviewClawScan verdict for this skill. Analyzed May 1, 2026, 4:51 AM.

Analysis

This skill is coherent for Komodo infrastructure management, but it can use API credentials to perform high-impact deployment, restart, build, procedure, and stack actions that should be reviewed before installation.

GuidanceInstall only if you intend the assistant to help manage Komodo infrastructure. Use a least-privilege API key, avoid broad production credentials, and require explicit confirmation before deploy, stop, restart, delete, build, procedure, or direct API actions.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation

SeverityHighConfidenceHighStatusConcern

SKILL.md

python scripts/komodo.py deploy <name> ... start <name> ... stop <name> ... restart <name> ... deploy-stack <name> ... create-stack <name> <server> <compose.yml> [env_file] ... delete-stack <name> ... run-build <name> ... run-procedure <name>

These documented commands can mutate running infrastructure, stacks, builds, and procedures. The artifacts do not add clear approval, scope, rollback, or production-safety constraints around these high-impact actions.

User impactIf used with a powerful Komodo API key, the agent could stop, restart, redeploy, create, delete, build, or run infrastructure workflows that affect live services.

RecommendationUse a least-privilege Komodo API key, restrict access to intended projects or non-production environments where possible, and require explicit user confirmation before any execute, restart, delete, build, or procedure action.

Tool Misuse and Exploitation

SeverityMediumConfidenceHighStatusConcern

SKILL.md

For operations not covered by the CLI, use curl: ... curl -X POST "$KOMODO_ADDRESS/execute/Deploy" ... Full API docs: https://komo.do/docs

The instructions provide a raw direct-API path for execute operations beyond the helper CLI. This is useful for the purpose, but it widens the action surface without documented guardrails.

User impactA user or agent could move beyond the predefined commands and call other Komodo API operations with the same credentials.

RecommendationPrefer scoped helper commands over raw API calls, document which execute endpoints are allowed, and require confirmation for any direct API mutation.

Agentic Supply Chain Vulnerabilities

SeverityLowConfidenceHighStatusNote

metadata

Source: unknown; Homepage: none

The artifact provides no source repository or homepage provenance. The included code is visible and no external install step is shown, so this is a provenance note rather than evidence of hidden behavior.

User impactUsers have less provenance information for deciding whether to trust a skill that controls infrastructure.

RecommendationReview the included script before use and prefer a version with a verifiable source repository or publisher provenance.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse

SeverityMediumConfidenceHighStatusConcern

SKILL.md

Set environment variables: - `KOMODO_ADDRESS` ... - `KOMODO_API_KEY` ... - `KOMODO_API_SECRET` ...

The skill requires Komodo API credentials, while the supplied registry metadata declares no required environment variables and no primary credential. Those credentials are used for infrastructure-changing API calls.

User impactUsers may not notice from the registry metadata that installing and using this skill requires privileged Komodo credentials capable of controlling infrastructure.

RecommendationDeclare the required environment variables and credential type in metadata, and advise users to create a least-privilege Komodo API key limited to the intended resources.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning

SeverityLowConfidenceHighStatusNote

scripts/komodo.py

def cmd_logs(name: str, lines: int = 100): ... result = read("GetLog", {"deployment": name, "tail": lines}) ... print(result["log"])

The helper can retrieve and print deployment logs into the agent context. This is expected for infrastructure troubleshooting, but logs may contain secrets or untrusted application text.

User impactContainer logs could expose sensitive operational data or prompt-like text to the assistant during troubleshooting.

RecommendationAvoid requesting logs from sensitive services unless needed, limit line counts, and redact secrets before sharing log output further.