Skill v1.0.0

ClawScan security

Mcp Security Audit · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 27, 2026, 12:43 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's code and runtime instructions are consistent with an on-disk security scanner: it recursively inspects files in a supplied path for malware patterns, hardcoded credentials, and compliance issues and produces a report — nothing in the package requires unrelated credentials, external network access, or elevated persistent privileges.
Guidance
This package appears to be a straightforward local file scanner and is internally consistent with its stated purpose. Before installing or running it: (1) review the included Python code yourself or with a trusted reviewer (it will read and report secrets found in files under the target path); (2) run it on a copy or in an isolated environment if you are concerned about exposing secrets in output or logs; (3) ensure you pass the intended directory path (it recursively scans the path you supply); (4) verify the publisher/source (the package files reference a GitHub homepage but registry metadata showed none) if you need provenance; and (5) do not run it with elevated privileges on systems you don't fully trust.

Review Dimensions

Purpose & Capability
ok
The name and description match the actual behavior: audit.py and the CLI wrapper scan files for suspicious patterns, hardcoded credentials, bindings, and logging issues and produce a JSON report. The scanning targets (.py/.js/.env/Dockerfile/etc.) are appropriate for an MCP/server audit. One minor registry inconsistency: the registry metadata provided to you listed no homepage, but the included SKILL.md and claw.json declare a GitHub homepage (small metadata mismatch).
Instruction Scope
ok
The runtime instructions and code operate only on a user-supplied target path and do not attempt to read unrelated system state or environment variables. The auditor scans many common config and source file types (including .env and Dockerfile), which is expected for this purpose. The SKILL.md itself is metadata-only; the actual behavior is implemented in the bundled Python files.
Install Mechanism
ok
No install spec is provided (instruction-only install with included Python scripts). There are no downloads, external packages, or non-standard installation steps declared; the code uses only the Python standard library.
Credentials
note
The skill requests no environment variables or credentials (appropriate). However, it intentionally reads files that often contain secrets (.env, .env.production, config files) and will include findings referencing those secrets in its output. This is expected for a scanner, but be aware it will surface sensitive data from the scanned path in its report.
Persistence & Privilege
ok
The skill is not 'always' enabled and does not request persistent or elevated privileges, nor does it modify other skills or global agent settings. Autonomous invocation is allowed (platform default) but not combined with other concerning privileges.