Skillboss
Review
Audited by ClawScan on May 10, 2026.
Overview
This appears to be a real AI API gateway, but it exposes raw API keys and includes email/SMS batch-sending capabilities without visible safeguards.
Install only if you trust SkillBoss with the prompts, files, and API key you provide. Avoid using the email/SMS models unless you require them, require explicit approval before any send or batch send, and keep setup logs containing API keys private.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A SkillBoss API key could be captured in shell history, logs, or agent transcripts, allowing someone else to use account credits or access the service as the user.
The setup flow saves a returned API key locally and prints the full key to stdout, rather than only masking it.
config.apiKey = data.api_key; saveConfig(config); ... process.stdout.write(data.api_key);
Treat setup output as sensitive, avoid sharing logs, rotate the key if exposed, and prefer a secure environment variable or a helper that only prints keys with explicit user intent.
If invoked incorrectly or by an over-eager agent, the skill could send unwanted emails or SMS messages and potentially incur costs or reputational harm.
The skill documents external messaging actions, including batch email and SMS sends, but the artifacts do not show recipient review, allowlists, rate limits, or confirmation requirements.
`email/send` | Send single email ... `email/batch` | Send batch emails ... `prelude/notify-batch` | Batch SMS notifications
Only enable messaging models when needed, require explicit user confirmation with recipient/message review before sending, and add allowlists or batch-size limits.
Prompts, context, and selected files may leave the local machine and be processed by SkillBoss and its downstream model providers.
For speech-to-text, a user-selected local file is encoded and sent to the remote SkillBoss API.
inputs.audio_data = readFileSync(filePath).toString("base64"); ... body: JSON.stringify(body)
Do not submit confidential files or prompts unless the user accepts the provider data flow; choose specific models instead of smart routing when provider choice matters.
Users have less independent provenance information for verifying the publisher and service relationship.
The registry metadata lacks a source repository and homepage, even though the skill contacts external service domains.
Source: unknown; Homepage: none
Review the included scripts and service domains before use, and prefer installing from publishers with clear source and support links.
