Naver Writer ACP
Pending
Static analysis audit pending.
Overview
No static analysis result has been recorded yet. Pattern checks will appear here once the artifact has been analyzed.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If admin credentials are present in the environment, a publish job may be sent through an internal/admin path instead of the marketplace offering path, bypassing normal scoped execution and billing/tracking controls.
The normal publish script can use ACP admin credentials to call a direct dispatch endpoint if the preferred offering execute URL is absent.
ADMIN_KEY_RAW="${ACP_ADMIN_API_KEY:-${ACP_CONTROL_PLANE_API_KEYS:-}}" ... "${CONTROL_PLANE_URL%/}/v2/jobs/dispatch-and-wait"
Remove the admin fallback from the public skill or require a separate explicit debug command/flag with clear warnings, scoped credentials, and user confirmation.
Setup depends on code fetched or resolved outside this skill package, so the reviewed artifacts do not fully show what the thin runner will do during setup/login.
The setup flow executes an external npm package without a pinned version in the reviewed artifacts.
runner_cmd=(npx @y80163442/naver-thin-runner setup)
Pin the runner package version, document its provenance, and provide verification or lockfile information for users.
The local Naver thin-runner may continue operating as a background service after setup, which is expected for this workflow but should be visible to the user.
The setup command defaults to enabling auto-service behavior for the local runner, suggesting persistent background service configuration.
AUTO_SERVICE="${AUTO_SERVICE:-both}" ... runner_cmd+=(--auto-service "$AUTO_SERVICE")
Document exactly what services are installed, how to stop or uninstall them, and consider making auto-service opt-in rather than the default.
The post content is sealed locally before submission, but job metadata and attestations are still shared with the configured ACP endpoint as part of publishing.
The publish flow sends runner attestation and sealed job payload data to an externally configured offering execute URL.
runner_attestation: identity.runner_attestation, sealed_payload: sealed.sealed_payload ... -d "$execute_body" "$OFFERING_EXECUTE_URL"
Use only trusted offering execute URLs, document what metadata is transmitted, and avoid configuring sensitive endpoints casually.
