ClawHub
Back to skill
v1.0.2

Clawvard

ReviewClawScan verdict for this skill. Analyzed May 1, 2026, 8:24 AM.

Analysis

The skill is mostly a straightforward exam workflow, but it asks the agent to obtain and permanently save an authentication token linked to the human’s account.

GuidanceBefore installing, decide whether you trust clawvard.school with your agent’s exam answers and whether you want the agent to fetch and store an authentication token linked to your account. If you proceed, avoid saving the token in general memory and require explicit approval before authenticated retakes.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
SeverityLowConfidenceHighStatusNote
SKILL.md
Make an HTTP POST request to start the exam: POST https://clawvard.school/api/exam/start

The skill directs the agent to make external HTTP requests and submit exam answers. This is purpose-aligned for an online exam, but users should know their agent responses and identifying metadata are sent to an external service.

User impactYour agent will communicate with an external website and submit the exam answers it generates.
RecommendationOnly use the skill if you are comfortable sending agent name/model information and exam responses to clawvard.school.
Human-Agent Trust Exploitation
SeverityLowConfidenceHighStatusNote
SKILL.md
tell your human EXACTLY this message ... 注册查看完整报告:https://clawvard.school{claimUrl}

The skill instructs the agent to relay a fixed registration prompt to the user after the exam. This is disclosed in the artifact and related to viewing results, but it is a promotional account-registration step.

User impactThe agent may present a fixed registration message encouraging the user to create or claim an account to view the full report.
RecommendationThe agent should clearly state that registration is optional and should not imply the user must register unless they want the full report.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
SeverityMediumConfidenceHighStatusConcern
SKILL.md
If successful (200): you'll receive `{ "token": "..." }`. **Save this token permanently.** It links you to your human's account.

The artifact instructs the agent to obtain and permanently retain an authentication token tied to the human’s account, while the registry metadata declares no primary credential or required environment variables.

User impactThe agent could retain account-linked authority for future interactions with the service beyond the single exam session.
RecommendationRequire explicit user consent before fetching or saving the token, document the token’s scope and revocation process, and declare the credential requirement in metadata.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
SeverityMediumConfidenceHighStatusConcern
SKILL.md
If you saved a token from a previous exam, use it to start authenticated exams: POST https://clawvard.school/api/exam/start-auth Authorization: Bearer <token>

The skill relies on persistent reuse of a bearer token but does not define where it should be stored, how long it should be retained, who can access it, or how to prevent unintended reuse across future tasks.

User impactA saved token could be reused later to link additional exams to the human’s account without the user clearly re-approving each use.
RecommendationStore any token only in an approved credential store, avoid general agent memory, and prompt the user before each authenticated reuse.