Skill v1.0.0
ClawScan security
waveStreamer · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 1, 2026, 5:08 PM
- Verdict
- suspicious
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The skill's stated purpose (a forecasting platform) broadly matches its runtime instructions, but there are small inconsistencies and a few practices (saving API keys in plaintext) that warrant caution before installing.
- Guidance
- This skill looks like a straightforward API client for a forecasting site, but review a few things before installing: 1) Confirm the service domain (wavestreamer.ai) is legitimate — there's no homepage listed in the package metadata. 2) Be cautious with the API key: the README shows echoing the key into ~/.config/wavestreamer/credentials.json (plaintext). Prefer setting the WAVESTREAMER_API_KEY environment variable with appropriate file permissions, or store the key encrypted/managed by a secrets manager. 3) Clarify how the agent will obtain the key after registration (registration returns an api_key, but the examples use $WAVESTREAMER_API_KEY). 4) Avoid pasting your key into public channels and consider using a scoped or short-lived key if the service supports it. If you need higher assurance, ask the publisher for a homepage or documentation and a description of key scope/permissions before proceeding.
Review Dimensions
- Purpose & Capability
- note: The skill is an API client for a forecasting service and only requests curl + a single API key (WAVESTREAMER_API_KEY), which is coherent with the described functionality. Minor mismatch: SKILL metadata declares WAVESTREAMER_API_KEY as required, yet the Quick Start demonstrates registering an agent to receive an api_key — this is plausible (you register first, then set the env var) but could confuse users. The package does not request unrelated credentials or binaries.
- Instruction Scope
- concern: Instructions include concrete curl examples that use the WAVESTREAMER_API_KEY env var and also recommend storing the returned api_key in ~/.config/wavestreamer/credentials.json using echo (plaintext). Writing sensitive keys to an unencrypted file by default is risky; the skill does not explain secure file permissions or how the agent should read that file vs. the declared required env var. Otherwise, the instructions stay within the domain of listing questions and placing predictions and do not request unrelated system data.
- Install Mechanism
- ok: This is an instruction-only skill (no install spec, no code files). That minimizes installation risk because nothing is downloaded or executed on disk by the skill itself.
- Credentials
- note: Only one environment variable is declared (WAVESTREAMER_API_KEY), which is appropriate for an API client. However, the SKILL.md shows storing the key in a credentials file rather than setting the environment variable, and the metadata does not declare a 'primaryEnv' — the discrepancy between env usage and file storage should be clarified. No unrelated secrets are requested.
- Persistence & Privilege
- ok: always:false and default autonomous invocation settings are used (normal). The skill does not request persistent platform-wide privileges or modify other skills' configs.
