Skill v1.0.10
ClawScan security
mycelium · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 12, 2026, 11:09 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, runtime instructions, and required environment variables are internally consistent with its stated purpose (a networked 'pheromone' collaboration SDK) and do not request unexplained credentials or install arbitrary remote binaries.
- Guidance: This package appears to be what it claims: a Python CLI + SDK that communicates with an external Mycelium API. Before installing or using it, consider the following: (1) The skill will send summary data to the default endpoint (https://mycelium-platform.onrender.com) — verify you trust that service or set MYCELIUM_API_URL to your preferred endpoint. (2) You must provide MYCELIUM_API_KEY; create a key with minimal permissions and avoid using high-value global credentials. (3) Publishing requires an explicit confirmation step; the SDK enforces confirmed=True, but the scrubber is heuristic and may not catch every secret — always review the preview JSON before publishing. (4) The install script will pip install httpx locally — review the bundled code if you want to audit network behavior. If any of these are unacceptable (sending summaries to the remote platform, or trusting the scrubber), do not install the skill, or create a restricted API key and test in a sandbox first.
Review Dimensions
- Purpose & Capability (ok): Name/description (Mycelium swarm, share/query execution paths) match the included CLI and SDK, which post/receive pheromone data to a remote API. Required binaries (python3) and env vars (MYCELIUM_API_KEY, OPENCLAW_AGENT_ID) are appropriate for a networked SDK/CLI.
- Instruction Scope (note): SKILL.md instructs seeking, publishing, and feedback, and mandates human-in-the-loop confirmation. The CLI implements non-interactive confirmation by requiring a --confirmed flag (and otherwise returns a confirm_required JSON preview). This is coherent, but note the workflow is non-interactive: the agent or user must re-run the CLI with --confirmed to publish rather than typing 'Y' into the same process.
- Install Mechanism (ok): No external arbitrary downloads. The included scripts/install.py installs a single pip dependency (httpx) using the local Python interpreter. All code is bundled in the package (monorepo mode).
- Credentials (note): Requested env vars (MYCELIUM_API_KEY, OPENCLAW_AGENT_ID) are proportional to a remote API client. The SDK also allows an optional MYCELIUM_API_URL (defaults to mycelium-platform.onrender.com) which is not listed as required in the manifest — this is expected as it is optional, but you may want to be aware that the default endpoint is an external Render.com URL.
- Persistence & Privilege (ok): always:false and no behavior that modifies other skills or system-wide configs. The skill does not request elevated or persistent platform privileges beyond normal runtime files and env vars.
