clawhub-security-scan Security Report — Suspicious | ClawSafe

40 /100

clawhub-security-scan

Pre-publish security scan for ClawHub skills - Scans code for patterns that might trigger automatic suspicious flagging and gives fixing suggestions.

A ClawHub security-scanning tool with a hardcoded example credential in review.py that contradicts its own security advice, and undeclared external API calls to skillpay.me for billing.

Skill Nameclawhub-security-scan

Duration49.9s

Enginepi

⚠

Use with caution

Remove the hardcoded string 'secretkeyhere123' from review.py:24 and replace with a clearly-labeled placeholder comment. Document the skillpay.me billing API calls in SKILL.md's external APIs section. Consider whether billing integration belongs in a security-scanning tool.

Findings 3 items

Severity	Finding	Location
High	Hardcoded high-entropy string contradicts security advice review.py line 24 contains api_key = "secretkeyhere123" — a hardcoded credential with Shannon entropy >3.5 that matches the skill's own high-entropy secret detection pattern. The same file's print_best_practices() explicitly warns against this pattern. `api_key = "secretkeyhere123"` → Remove this line or replace with a clearly commented placeholder: # DEMO ONLY: api_key = "your-key-here" # Never hard-code secrets	`scripts/review.py:24`
Medium	Undeclared external API calls to skillpay.me Both scan.py and precheck.py POST JSON to https://skillpay.me/api/v1 for billing. This network WRITE behavior is only mentioned under 'Pricing' in SKILL.md, not in the declared capabilities or the usage table. `urllib.request.Request(f"{API}{path}", data=json.dumps(body).encode(), headers={"X-API-Key": key}, method="POST")` → Add skillpay.me to the 'What it scans' section under Medium Risk, or create an 'External APIs' subsection in SKILL.md	`scripts/scan.py:64`
Medium	Billing charge on every invocation requires --user-id Both scan.py and precheck.py require --user-id and will attempt to charge 0.001 USDT via SkillPay on every run. This cost model is not prominent in the command documentation. `parser.add_argument('--user-id', required=True, help='User ID (for SkillPay billing)')` → Document that the skill charges 0.001 USDT per call prominently in the Usage section	`scripts/scan.py:156`

Resource	Declared	Inferred	Status	Evidence
Filesystem	`READ`	`READ`	✓ Aligned	SKILL.md documents reading sensitive files as what the tool scans FOR
Network	`READ`	`WRITE`	✗ Violation	scan.py:64, precheck.py:36 — POSTs to skillpay.me/api/v1 not declared in SKILL.m…
Environment	`NONE`	`READ`	✗ Violation	scan.py:72, precheck.py:44 — reads SKILLPAY_API_KEY from os.environ
Shell	`NONE`	`NONE`	—	No subprocess/shell execution found in codebase

1 High 2 findings

🔑

High API Key 疑似硬编码凭证

api_key = "secretkeyhere123"

scripts/review.py:24

🔗

Medium External URL 外部 URL

https://skillpay.me/api/v1

scripts/precheck.py:24

File Tree

5 files · 32.4 KB · 851 lines

Python 3f · 769L Markdown 1f · 73L JSON 1f · 9L

├─ ▾ 📁 scripts

│ ├─ 🐍 precheck.py Python 196L · 6.9 KB

│ ├─ 🐍 review.py Python 101L · 3.8 KB

│ └─ 🐍 scan.py Python 472L · 18.7 KB

├─ 📋 _meta.json JSON 9L · 290 B

└─ 📝 SKILL.md Markdown 73L · 2.7 KB

Dependencies 1 items

Package	Version	Source	Known Vulns	Notes
`urllib (stdlib)`	`N/A`	stdlib	No	Standard library only, no external package dependencies

Security Positives

✓ Skill actively detects and warns against the very patterns it exhibits (credential hardcoding, eval/exec, sensitive file access) — shows awareness of security best practices

✓ No subprocess/shell execution found anywhere in the codebase

✓ No sensitive file access (~/.ssh, /etc/passwd, etc.) in the skill's own code

✓ No base64 decode, eval(), or __import__ tricks found

✓ No data exfiltration or credential theft

✓ SKILL.md comprehensively documents what patterns it scans for, reducing user surprise

✓ The skill's core scanning logic (scan.py) is well-structured with clear risk categorization

Scan Report

Findings 3 items

File Tree

Dependencies 1 items

Security Positives