Back to skill
Skillv1.0.0
ClawScan security
Companies & Contacts enrichment - Explorium AgentSource · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
SuspiciousMar 1, 2026, 6:51 AM
- Verdict
- suspicious
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The skill's code and instructions match its stated purpose (calling Explorium's AgentSource API), but the registry metadata omits the required API credential and install expectations — this mismatch and packaging inconsistency warrant caution before installing.
- Guidance
- This package appears to implement exactly what it claims (a CLI wrapper around Explorium's AgentSource API), but the registry metadata omitted the required API key and install notes. Before installing: (1) confirm you trust the author/source since the package will store an API key locally at ~/.agentsource/config.json (mode 600) if you choose to save it; (2) inspect bin/agentsource.py (included) and setup.sh (included) yourself — they perform local file operations and call https://api.explorium.ai/v1/, and do not download additional code; (3) prefer setting EXPLORIUM_API_KEY as an environment variable in your shell rather than pasting it into chat; (4) if you want higher assurance, run setup.sh and the CLI in an isolated environment (container or VM) and validate network endpoints and behavior; and (5) ask the publisher/registry maintainer to fix the registry metadata so required credentials and install steps are clearly declared. Additional provenance (homepage, publisher identity, or signed releases) would raise confidence.
Review Dimensions
- Purpose & Capability
- concernThe SKILL.md, plugin.json, README, setup.sh, and CLI all require an EXPLORIUM_API_KEY and clearly implement B2B search/enrichment via https://api.explorium.ai/v1/ — however the registry metadata at the top reported 'Required env vars: none' and 'Primary credential: none'. That metadata omission is an inconsistency between what the skill claims in the registry and what it actually needs and does.
- Instruction Scope
- okRuntime instructions are narrowly scoped to locating/running the included CLI, mapping user queries to API filters, calling the AgentSource REST API, writing results to /tmp JSON files, and optionally saving the API key to ~/.agentsource/config.json. The SKILL.md instructs not to paste API keys into chat and requires explicit consent before sending free-text 'call_reasoning'. No instructions ask the agent to read unrelated system data or exfiltrate data to unknown endpoints.
- Install Mechanism
- noteThere is no registry install spec, but the package includes setup.sh which copies bin/agentsource.py to ~/.agentsource/bin and optionally writes ~/.agentsource/config.json (mode 600). The installer performs no network downloads and uses only local file operations. The absence of an explicit install spec in the registry vs. an included installer script is a packaging inconsistency users should be aware of.
- Credentials
- concernFunctionally the skill only needs one credential (EXPLORIUM_API_KEY) which is proportionate for a REST API-based enrichment tool. The concern is that the top-level registry metadata omitted this requirement while plugin.json and SKILL.md declare it required — that metadata mismatch could mislead users into installing without realizing a secret is needed/stored locally (~/.agentsource/config.json).
- Persistence & Privilege
- okThe skill does not request always:true and does not modify other skills or global agent settings. It creates a local config file (~/.agentsource/config.json) only if the user opts to save the API key, and writes temporary results to /tmp as documented. These behaviors are expected for a CLI wrapper.