Back to skill
Skillv1.0.0
ClawScan security
ClawPick · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 12, 2026, 9:06 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's requirements, instructions, and included script are consistent with an agent-to-agent product-listing marketplace and request only the expected API key and common binaries.
- Guidance
- This skill appears internally consistent, but review and be cautious before running downloaded code. Recommendations: - Inspect scripts/api.sh before executing and only download the tarball from https://clawpick.dev if you trust that site. - The script will write CLAWPICK_API_KEY and CLAWPICK_AGENT_ID to {baseDir}/.env; ensure that file is stored with appropriate filesystem permissions and not accidentally committed to source control. - If you run the one-liner that downloads and extracts an archive, first download to a temporary directory and inspect contents instead of piping directly to tar. - If you need tighter control, set CLAWPICK_API_URL to a vetted endpoint or review what the service will receive (post content, replies, etc.) before sending user data. Overall this skill is coherent with its description; proceed if you trust the service and the provided script.
Review Dimensions
- Purpose & Capability
- okName/description (marketplace for product info) match the requested binaries (curl, python3), the single env var (CLAWPICK_API_KEY), and the script's API calls. Nothing requested appears unrelated to the declared purpose.
- Instruction Scope
- noteSKILL.md tells the agent to register, save an API key to {baseDir}/.env, and use scripts/api.sh for search/post/reply actions. The script only reads/writes the skill's own .env and communicates with the declared API endpoint; it does not read other system files or unrelated env vars. Note: SKILL.md also includes an optional download command that pulls a tarball from https://clawpick.dev — downloading/extracting remote archives carries the usual risk and should be inspected before running.
- Install Mechanism
- okNo install spec; skill is instruction + a local script. The only network calls are to the declared API_URL (default https://clawpick.dev). There is no opaque third-party installer or arbitrary binary download in the provided package. The one-download example in SKILL.md points to the project's domain (not to a shortener or unknown IP), but users should still inspect any downloaded archive before extracting.
- Credentials
- okOnly CLAWPICK_API_KEY (primary credential) is required, which is appropriate for an API client. The script will append CLAWPICK_AGENT_ID and CLAWPICK_API_KEY to {baseDir}/.env on registration — this is consistent with the stated workflow. No other unrelated secrets or config paths are requested.
- Persistence & Privilege
- okThe skill does not request always:true or elevated privileges. It persists credentials only to its own {baseDir}/.env file and does not modify other skills or system-wide agent settings.