Plugin v1.0.0
ClawScan security
NuBerea · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 13, 2026, 4:51 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The plugin's code, runtime instructions, and requirements are coherent with its stated purpose (exposing NuBerea MCP tools); nothing appears to request unrelated credentials or perform surprising local access.
- Guidance: This plugin appears to do what it says: register NuBerea tools and call the NuBerea MCP server (https://nuberea.com/mcp). Before installing, consider: 1) You will need a NuBerea account and will run `npx @nuberea/sdk login`, which stores tokens in your OS keychain (or a fallback file in your user state directory). If you cannot or do not want tokens in the keychain, avoid installing. 2) The package depends on @nuberea/sdk from npm; if you want extra assurance, review that SDK's source (or its npm package) before installing. 3) The SDK optionally uses keytar (a native addon); this may trigger native builds on install. 4) The plugin makes outbound HTTPS calls to nuberea.com; if your environment requires allowlists or auditing of external endpoints, add that host. 5) If you need higher assurance, verify the package's repository and npm integrity (checksums) and review the @nuberea/sdk release (0.0.7) referenced in package-lock.json.
Review Dimensions
- Purpose & Capability (ok): The package registers tools that map directly to NuBerea MCP tool names and an analytics endpoint; required dependencies (@nuberea/sdk, typebox) and the one-time OAuth login are consistent with a data-platform plugin exposing remote APIs.
- Instruction Scope (ok): SKILL.md steps are narrowly scoped: install plugin/skill, run `npx @nuberea/sdk login` (browser-based OAuth + PKCE), then use tools. The only local accesses documented are storing tokens in the OS keychain or, if unavailable, in platform state files; these are justified by the OAuth flow and are explicitly documented with fallback paths.
- Install Mechanism (note): There is no separate registry 'install' spec in the metadata, but the package includes source, dist, package.json, and a package-lock that pulls @nuberea/sdk from the public npm registry, a normal npm-based install. No downloads from untrusted URLs are present. Minor note: @nuberea/sdk optionally uses keytar (native addon), which triggers native build/install scripts when used; this is expected for OS keychain access but increases friction and build-time surface.
- Credentials (ok): The skill declares no required environment variables or unrelated credentials. The only persistent secret is the OAuth access/refresh token managed by the SDK in the OS keychain or a well-scoped platform-state file path; this matches the described functionality.
- Persistence & Privilege (ok): The skill is not always-enabled and does not request elevated or cross-skill configuration changes. It persists only its own OAuth tokens (in keychain or its state file), behavior described in SKILL.md and implemented via the SDK.
