ClawScan security
Web Learner 1.0.0 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 4, 2026, 8:40 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: Instruction-only web-browsing/search skill appears coherent with its stated purpose, but it omits declaring required credentials (Brave API key) and instructs the agent to fetch and interact with arbitrary web content (including pages behind login or anti-bot protections), which is a proportionality/visibility gap you should review before installing.
- Guidance: This skill is instruction-only and its behavior (searching, fetching, and using a headless browser) matches its description, but there are a few things to check before installing:
  - The SKILL.md says web_search needs a Brave API Key, yet the skill metadata does not declare any required env vars or credentials. Confirm where and how that API key will be provided and stored if you install this skill.
  - The skill will fetch arbitrary web pages and may interact with pages that require login or have anti-bot protections. Do not provide personal account credentials unless you trust the skill and the hosting platform's secret storage policy.
  - Using a browser service may expose screenshots or page contents; consider privacy implications for pages containing sensitive data.
  - Verify that your platform provides the referenced tools (web_search, web_fetch, browser) and understand any costs or quotas (e.g., Brave API usage).

  If you need higher assurance, ask the publisher for clarification on required credentials, where keys should be set, and any safeguards for handling authenticated or private pages.
Review Dimensions
- Purpose & Capability
  - note: The skill's name and description (web search, browsing, fetching) align with the SKILL.md instructions (use web_search, web_fetch, browser). Behavior described (search, fetch, render JS pages) is coherent with the claimed purpose.
- Instruction Scope
  - note: Instructions are limited to web search/fetch/browser flows and include sensible error handling and source attribution. They also instruct extracting page text/markdown and interacting with pages (screenshots, UI interaction). This is expected for a web-browsing skill, but such actions can touch pages requiring authentication or interactivity—there's no guidance about handling user credentials or private data, which is a possible privacy gap.
- Install Mechanism
  - ok: No install spec or code is included (instruction-only), so nothing is written to disk and there is no direct install risk.
- Credentials
  - concern: SKILL.md states that web_search requires a Brave API Key and browser requires a browser service, but the skill declares no required environment variables or primary credential. The absence of an explicit requirement for the Brave API key (or other credentials) is an incoherence: the skill will need external credentials/tools that are not declared in metadata.
- Persistence & Privilege
  - ok: The skill is not always-on and is user-invocable; it does not request persistent system presence or modify other skills' configs. Autonomous invocation is allowed by default (normal), but not combined with other high-risk factors here.
