Plugin v2026.3.22
ClawScan security
Twitch · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 23, 2026, 9:58 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: This Twitch channel plugin's code, dependencies, and runtime instructions align with its stated purpose (Twitch chat integration); nothing appears to request unrelated secrets or perform unexpected actions.
- Guidance: This plugin appears to do what it says: connect to Twitch chat and resolve/send messages. Before installing:
  1) Use a dedicated bot account and generate a token with only the chat:read and chat:write scopes.
  2) Store tokens and client secrets securely (not in public repos).
  3) Configure access control (allowFrom or allowedRoles) as recommended, so that the bot is not left open to control by anyone in chat.
  4) If you rely on the environment-variable fallback, inspect src/token.ts to see exactly which env var names are read and whether that matches your secrets handling policy.
  5) As with any plugin that uses third-party npm packages, review and update dependencies periodically to mitigate supply-chain risk.
Review Dimensions
- Purpose & Capability
- ok: Name/description match the code and dependencies: the package uses @twurple (Twitch API/chat libs) and implements chat, probe, resolver, access control, and token handling, all of which are expected for a Twitch plugin.
- Instruction Scope
- ok: SKILL.md instructs installing the plugin, creating a dedicated Twitch bot account, and supplying OAuth tokens and a client ID, all within the plugin's scope. The runtime code interacts with Twitch APIs and chat as expected and does not instruct reading unrelated system files or sending data to third-party endpoints beyond Twitch.
- Install Mechanism
- ok: There is no arbitrary download URL or extractor; the plugin is an npm-style extension relying on standard npm dependencies (@twurple, zod). This is proportionate for a channel plugin and introduces the usual third-party dependency risks, but no unusual install mechanism is present.
- Credentials
- note: Registry metadata lists no required environment variables, and SKILL.md asks users to place tokens in config. The changelog mentions an environment-variable fallback for a default account token, so the code likely reads optional env vars (e.g., for convenience). Optional env reads are reasonable, but the fallback variable name is not declared in the metadata, so an operator cannot tell from the listing which variable could supply a credential. Review src/token.ts to confirm which environment variables (if any) the plugin will read.
- Persistence & Privilege
- ok: The always flag is false and the plugin does not request elevated or persistent platform privileges. It operates within its own channel/plugin surface and does not modify other skills or global agent config.
