Skill v1.0.0
ClawScan security
Dialogflow Cx Flows · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 28, 2026, 8:44 AM
- Verdict: benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's code, documentation, and required credentials line up with its stated purpose of managing Dialogflow CX flows; it appears coherent but the package lacks provenance and doesn't declare the authentication environment variables in registry metadata, so verify credentials and source before use.
- Guidance: This skill appears to do what it says: manage Dialogflow CX flows and pages. Before installing or running it: (1) Verify the source/repository since 'Source: unknown' and no homepage are provided. (2) Inspect the included scripts (scripts/flows.py) yourself — they are short and readable. (3) Use a Google service account with the minimum Dialogflow permissions required (principle of least privilege). (4) Prefer using gcloud ADC or a dedicated service-account JSON stored securely; do not paste tokens into untrusted UIs. (5) If you will run the pip-installed libraries, install them in a virtual environment. If any of these checks fail or you can't verify the origin, treat the skill with caution.
Review Dimensions
- Purpose & Capability (ok): Name/description match the included CLI script and SKILL.md. The script and curl examples all target Dialogflow CX v3beta1 endpoints and use standard Google auth mechanisms; nothing requested is unrelated to managing flows/pages.
- Instruction Scope (ok): SKILL.md instructs the agent to obtain a Google access token (gcloud or service account) and call Dialogflow REST endpoints or use the provided Python CLI. Instructions do not request reading unrelated files or sending data to non-Google endpoints.
- Install Mechanism (note): There is no install spec (instruction-only), which is low-risk. The Python script recommends installing google-cloud-dialogflow-cx and google-auth via pip; that is expected for this functionality but the registry does not provide an automatic install step.
- Credentials (note): The skill requires Google credentials (gcloud ADC or a service-account JSON) to operate, which is proportional to its purpose. The registry metadata, however, lists no required env vars — SKILL.md mentions exporting GOOGLE_APPLICATION_CREDENTIALS and using TOKEN/PROJECT_ID placeholders; this mismatch is informational but not malicious.
- Persistence & Privilege (ok): 'always' is false and the skill does not request persistent system-wide changes or modify other skills. The CLI is a simple client and does not persist secrets or alter agent configuration beyond normal Dialogflow API operations.
