Skill v1.0.1
ClawScan security
Google Contacts Create · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 26, 2026, 11:14 PM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's stated purpose (create a Google contact) does not match what it asks for. It requires an unexplained COMPOSIO_API_KEY and an unknown `gog` binary while giving no instructions for authenticating to Google, so the design is incoherent and needs clarification before use.
- Guidance: Do not install or run this skill until the author clarifies several items. Ask for: (1) an explicit explanation of the `gog` binary (what it is, where it comes from, and a link to its official docs or release); (2) exactly which credentials and OAuth flows are used to create Google Contacts (OAuth client ID/secret plus refresh token, service account JSON, or a Google API key), and evidence that the skill needs only those Google-scoped credentials; (3) why COMPOSIO_API_KEY is required and what service it grants access to; (4) concrete SKILL.md runtime steps or an example invocation showing which commands are run and where data is sent; (5) where any tokens or secrets are stored and whether they leave the host. If the author cannot provide clear, documented answers and a minimal set of Google-specific credentials, treat the skill as risky. Prefer a skill that requests only the minimal Google credentials (with documented scopes) and uses a well-known CLI or SDK. Test any unknown binary in an isolated environment, and do not supply unrelated API keys (such as COMPOSIO_API_KEY) until their purpose is justified.
Review Dimensions
- Purpose & Capability (concern): The skill claims to create Google Contacts but does not declare or request any Google-specific credentials (OAuth client, service account, refresh token, or GOOGLE_APPLICATION_CREDENTIALS). Instead it requires COMPOSIO_API_KEY and a `gog` binary, neither of which is obviously related to Google Contacts; this is disproportionate and unexplained.
- Instruction Scope (concern): SKILL.md is extremely short and high-level. It provides no concrete runtime steps, no commands to run with the `gog` binary, no target endpoints, and no description of how authentication is performed. This lack of detail grants the agent broad discretion ("do the work"), which is scope creep and potentially dangerous.
- Install Mechanism (ok): No install spec and no code files are present (instruction-only). That minimizes direct install risk because nothing is downloaded or written by the skill itself.
- Credentials (concern): Only COMPOSIO_API_KEY is required. That API key's relationship to Google Contacts is not documented; requiring a single, unrelated API key while omitting the expected Google credentials is disproportionate and suspicious. The skill also mandates a `gog` binary with no provenance.
- Persistence & Privilege (ok): The skill does not request `always: true` and has no install hooks or config paths. It does not ask for persistent system-level changes in the metadata provided.
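The Guidance above and the Purpose & Capability and Credentials dimensions all apply one heuristic: the credentials and binaries a skill declares should fit the provider named in its stated purpose. The following pre-install check is an added example of that heuristic run over two constructed manifests; it is not part of the ClawHub scanner or of the skill under review. The SKILL.md layout it parses (YAML frontmatter with a `metadata` line carrying JSON under `openclaw.requires.env`, `openclaw.requires.bins`, `always` and `install`) and the Google credential and CLI allowlist are assumptions for the example; apart from GOOGLE_APPLICATION_CREDENTIALS, the Google variable names are hypothetical.

```python
"""Added example: a pre-install check that applies the review's
purpose-versus-credential heuristic to a SKILL.md manifest.
Not part of the ClawHub scanner or of the skill under review."""
import json

# Constructed manifest mirroring the mismatch the scan describes
# (Google purpose, but only COMPOSIO_API_KEY and a 'gog' binary).
SUSPICIOUS_SKILL_MD = """---
name: google-contacts-create
description: Create a Google contact.
metadata: {"openclaw": {"requires": {"bins": ["gog"], "env": ["COMPOSIO_API_KEY"]}}}
---
Use gog to create the contact.
"""

# Constructed counter-example that asks only for Google-scoped pieces.
MINIMAL_SKILL_MD = """---
name: google-contacts-create
description: Create a Google contact via the People API.
metadata: {"openclaw": {"requires": {"bins": ["gcloud"], "env": ["GOOGLE_APPLICATION_CREDENTIALS"]}}}
---
Authenticate with the service account JSON and call people.googleapis.com.
"""

# Hypothetical allowlist: credential variable names and CLIs a reviewer
# would accept for a skill whose declared purpose is a given provider.
PROVIDER_EXPECTATIONS = {
    "google": {
        "env_ok": {
            "GOOGLE_APPLICATION_CREDENTIALS",  # service account JSON path
            "GOOGLE_OAUTH_CLIENT_ID",          # assumed names for an OAuth flow
            "GOOGLE_OAUTH_CLIENT_SECRET",
            "GOOGLE_OAUTH_REFRESH_TOKEN",
            "GOOGLE_API_KEY",
        },
        "bins_ok": {"gcloud"},
    },
}


def parse_frontmatter(text):
    """Return the frontmatter as a dict; the 'metadata' value is decoded as JSON.
    Assumed layout: only simple 'key: value' lines between the two '---' markers."""
    lines = text.splitlines()
    if not lines or lines[0].strip() != "---":
        raise ValueError("SKILL.md has no frontmatter block")
    fm = {}
    for line in lines[1:]:
        if line.strip() == "---":
            break
        key, sep, value = line.partition(":")  # split on the first colon only
        if sep:
            fm[key.strip()] = value.strip()
    if "metadata" in fm:
        fm["metadata"] = json.loads(fm["metadata"])
    return fm


def detect_provider(fm):
    """Guess the provider from name/description; None if no known provider is named."""
    haystack = f"{fm.get('name', '')} {fm.get('description', '')}".lower()
    for provider in PROVIDER_EXPECTATIONS:
        if provider in haystack:
            return provider
    return None


def review(text):
    """Flag declared requirements that do not fit the declared purpose, and report
    the persistence/install flags the scan's last dimension looks at."""
    fm = parse_frontmatter(text)
    meta = fm.get("metadata", {}).get("openclaw", {})
    reqs = meta.get("requires", {})
    env = list(reqs.get("env", []))
    bins = list(reqs.get("bins", []))

    provider = detect_provider(fm)
    expected = PROVIDER_EXPECTATIONS.get(provider, {"env_ok": set(), "bins_ok": set()})
    unexpected_env = sorted(e for e in env if e not in expected["env_ok"])
    unexpected_bins = sorted(b for b in bins if b not in expected["bins_ok"])
    # A provider-scoped skill that declares none of that provider's credentials
    # is the core mismatch: it must authenticate some other, unexplained way.
    missing_provider_creds = provider is not None and not any(
        e in expected["env_ok"] for e in env
    )

    findings = []
    for e in unexpected_env:
        findings.append(f"env {e} is not a known {provider or 'declared-provider'} credential")
    for b in unexpected_bins:
        findings.append(f"binary {b} has no documented role for {provider or 'this purpose'}")
    if missing_provider_creds:
        findings.append(f"purpose is {provider} but no {provider} credential is declared")

    return {
        "provider": provider,
        "unexpected_env": unexpected_env,
        "unexpected_bins": unexpected_bins,
        "missing_provider_creds": missing_provider_creds,
        "always": meta.get("always") is True,
        "install_hooks": bool(meta.get("install")),
        "findings": findings,
        "verdict": "suspicious" if findings else "ok",
    }


if __name__ == "__main__":
    for label, manifest in (("suspicious", SUSPICIOUS_SKILL_MD), ("minimal", MINIMAL_SKILL_MD)):
        result = review(manifest)
        print(label, result["verdict"], *result["findings"], sep="\n  ")
```

The check is deliberately conservative: when the manifest names no provider the allowlist is empty and every declared credential and binary is reported, which is the right default for a triage step that runs before anyone supplies a real key or executes an unknown binary.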
