Skill v1.0.12
ClawScan security
testskill-0410repo123 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 29, 2026, 5:21 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's purpose and runtime instructions match a CLI summarizer, but the SKILL.md references several environment variables and a home config path that are not declared by the skill metadata, and the install comes from a third‑party Homebrew tap — these inconsistencies warrant caution.
- Guidance: This skill appears to be a thin wrapper around an external 'summarize' CLI — verify the Homebrew tap (steipete/tap) and the formula source before installing. Expect to provide provider API keys (OpenAI, Anthropic, xAI, Google) and optionally FIRECRAWL/APIFY tokens; do not place unrelated secrets in ~/.summarize/config.json. If you plan to install and use it, inspect the formula/repo for the summarize binary source or run it in a sandboxed environment first. Because the metadata omitted the env vars that the README references, treat that as a red flag and confirm what files/vars the installed binary reads before giving it access to sensitive credentials.
- Findings
  - [no_findings] (expected): The static regex scanner reported no findings because this is an instruction-only skill with no code files to analyze. That absence is expected but provides limited assurance.
Review Dimensions
- Purpose & Capability (note): Name/description (summarize URLs/files/YouTube) align with the required 'summarize' binary and the provided CLI examples. Requiring a summarize binary installed via Homebrew is coherent with the stated purpose.
- Instruction Scope (note): SKILL.md instructs the agent to run the summarize CLI and documents flags, model selection, and an optional config file (~/.summarize/config.json). These instructions stay within the summarization scope, but they instruct use of environment API keys and a home config file that the skill metadata did not declare.
- Install Mechanism (note): Install spec uses a Homebrew formula (steipete/tap/summarize), which is a common pattern. However, it is a third‑party tap (not core/homebrew), so the tap/source should be verified before installing; no archive downloads or opaque URL installs are present.
- Credentials (concern): The metadata lists no required environment variables, but SKILL.md explicitly references multiple provider keys (OPENAI_API_KEY, ANTHROPIC_API_KEY, XAI_API_KEY, GEMINI_API_KEY and aliases) plus optional FIRECRAWL_API_KEY and APIFY_API_TOKEN and an optional config file in the user's home directory. The omission of these from declared requirements is an incoherence and raises risk: the tool will read env vars and a home config file that may contain secrets, and this behavior is not called out in the metadata.
- Persistence & Privilege (ok): Skill is not always-enabled and is user-invocable. It does not request system-wide config changes or elevated privileges in metadata. No signs of forced persistence or modification of other skills.
