Ngrok Preview
Advisory
Audited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the agent or user passes a broad directory, the generated preview link could make many local files accessible through ngrok.
The script can copy an entire provided directory into the preview session. This is useful for artifact folders, but a mistaken broad source path could expose more local content than intended.
if src.is_dir():
    shutil.copytree(src, dest)
else:
    shutil.copy2(src, dest)
Only pass explicit generated artifacts or narrowly scoped output folders; avoid workspace roots, home directories, credential folders, or private project directories.
Anyone who receives or is forwarded the link may be able to view the selected artifacts until the session is stopped or expires.
The skill intentionally shares a public preview URL through a messaging channel. This is the core feature, but access control is based on possession of the link.
Send the link with explicit expiry in Telegram. ... If not currently in Telegram, still return the same link format in the active channel.
Use short TTLs, include only non-sensitive task outputs, and stop the session when it is no longer needed.
The ngrok token authorizes tunnel creation under the user's ngrok account and should be treated as a credential.
The skill uses an ngrok account token for tunnel creation. This is expected for ngrok, but it is not declared in the registry metadata requirements.
ngrok config add-authtoken "$NGROK_AUTHTOKEN" ... If token is not preconfigured, pass `--auth-token` when running the script.
Configure the token securely, avoid pasting it into chats or logs, and use an ngrok token/account appropriate for temporary previews.
Users must rely on their own ngrok installation and verify they are installing it from a trusted source.
The registry metadata provides limited provenance and no install specification, while the skill documentation still requires users to install and run ngrok.
Source: unknown Homepage: none ... No install spec — this is an instruction-only skill.
Install ngrok only from the official ngrok source and consider adding explicit metadata for the required binary and credential.
