Skill v1.0.1
ClawScan security
info-collector · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 13, 2026, 4:39 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's declared purpose (aggregating public, real-time information) matches its instructions and footprint: it is an instruction-only aggregator that does not request credentials, installs, or unusual system access.
- Guidance: This skill appears internally consistent for aggregating public information and is low-risk from an installation/credential standpoint. Before using it, consider: (1) it will attempt wide web crawling and social-media searches—ensure you are comfortable with that and with any legal/terms-of-service implications for scraping specific sites; (2) it cannot access paywalled or private accounts unless you supply credentials (which it currently does not request); (3) because it's instruction-only, the agent could fabricate unverifiable links or overly confident summaries—require that it include original source URLs and manually verify important items; (4) if you need repeated/scheduled runs or API-backed access (e.g., Twitter/X elevated API, WeChat), expect to provide appropriate credentials and check the skill’s updated instructions; (5) consider adding explicit constraints (rate limits, robots.txt compliance, allowed domains) if you plan broad automated collection.
Review Dimensions
- Purpose & Capability: ok. The name/description (real-time info aggregation) align with the instructions: constructing queries, searching public channels (news, social, GitHub, forums), deduplication, verification and report generation. No unrelated credentials, binaries, or install steps are requested.
- Instruction Scope: note. SKILL.md instructs broad public-web collection and cross-validation across many channels (official sites, media, GitHub, social platforms, forums). This stays within the declared purpose, but the instructions implicitly require web crawling/API calls and give the agent broad discretion for source selection and verification; there is no explicit guidance about respecting site terms, rate limits, or avoiding scraping of private/paid content. Also note agents can hallucinate links/sources unless constrained to actually-verified URLs—manual review is recommended.
- Install Mechanism: ok. Instruction-only skill with no install spec, no downloads, and no code files. This minimizes on-disk risk and execution of third-party binaries.
- Credentials: ok. The skill requires no environment variables, credentials, or config paths. That is proportionate to its stated scope of collecting only public, non-authenticated content. If you expect it to access private accounts/APIs, those would need to be added explicitly.
- Persistence & Privilege: ok. "always" is false and there are no claims of modifying other skills or system-wide configs. The skill can be invoked by the agent (default), which is normal for skills of this type.
