Skill v1.0.2

ClawScan security

Daily-to-Goal MCP · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Mar 23, 2026, 1:32 AM

Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary
The skill's purpose and required DTG_API_KEY match, but the runtime instructions tell you to execute an npm package via npx with no homepage or source metadata—this means remote code will be fetched and run, which is disproportionate risk without more provenance.
Guidance
This skill appears to do what it says (manage Daily-to-Goal via an API key) but the runtime step uses `npx @daily-to-goal/mcp-server` with no homepage or source listed. That will download and execute code from npm on your machine. Before installing or running it: (1) verify the npm package exists and inspect its source (GitHub repo, package contents) and publisher identity; (2) prefer an official homepage or repository and avoid running npx from unknown packages; (3) run the MCP server in an isolated environment (container/VM) if you must test it; (4) create a limited-scope DTG API key and be prepared to rotate/revoke it; (5) avoid committing the key to source control and use a secrets manager. If the publisher or package cannot be verified, treat this as risky and decline installation.

Review Dimensions

Purpose & Capability
ok: Name/description (Daily-to-Goal integration) align with the single required env var (DTG_API_KEY) and the listed tools (goals/tasks/entities/team). Requiring an API key for the D2G platform is expected.
Instruction Scope
note: SKILL.md is focused on the D2G integration and does not ask the agent to read unrelated files or additional credentials. However, it instructs adding an MCP server entry that will run `npx @daily-to-goal/mcp-server` at runtime, which grants the skill the ability to execute code obtained from npm.
Install Mechanism
concern: No formal install spec is provided, but the instructions rely on `npx @daily-to-goal/mcp-server`. That causes dynamic download-and-execute behavior from the npm registry. The skill metadata lacks a homepage/source and the package publisher is unknown, increasing the risk that running npx will fetch unvetted code.
Credentials
ok: Only DTG_API_KEY is required, and that directly corresponds to the D2G API usage described. No additional unrelated credentials or config paths are requested.
Persistence & Privilege
ok: `always` is false and the skill is user-invocable; it does not request persistent, platform-wide privileges. The MCP server pattern will run separately, but the skill itself does not demand elevated agent-wide privileges in the metadata.