Skill v1.0.9

ClawScan security

MacPowerTools · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Mar 10, 2026, 3:23 AM
Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary
The skill mostly matches a local Mac maintenance tool, but multiple inconsistencies (claims of 'no persistence' while writing files, mismatched metadata/versions, and missing/placeholder handlers) mean you should review or clarify before installing.
Guidance
This skill mostly does local tasks, but there are several things to verify before installing: (1) SKILL.md repeatedly claims 'no persistence', yet the code creates ~/.logs and ~/.config/macpowertools and writes a learning.json — expect local on-disk traces. (2) SKILL.md metadata and registry metadata disagree about Python/numpy requirements and version numbers; confirm whether numpy will be installed or required. (3) The file contains comments claiming original cleanup/backup handlers are 'preserved', but the provided code appears to have placeholders rather than full implementations — ask the author for the full source or inspect the shipped file yourself. (4) The script runs dns-sd for LAN discovery (mDNS) — this is LAN-only but will enumerate local services; make sure you are comfortable with a skill doing local network discovery. If you decide to proceed, review the exact power_tools.py file that will be installed (search for any hidden network calls, unexpected file writes, or code executed for cleanup/backup) and confirm the author/registry identity and version alignment. If you need higher assurance, request a signed release or an install that clearly documents the files the skill will create and their purposes.

Review Dimensions

Purpose & Capability
Concern: Name/description (local Mac optimization, local CoreML forecasting, LAN discovery) aligns with code that performs local simulations, a CoreML-style forecast, and an mDNS scan. However, SKILL.md claims python>=3.10 and numpy as requirements while the registry metadata lists no requirements; the script handles a missing numpy by returning an error. Also, SKILL.md and the file comments claim that the full original cleanup/backup logic is present, but the provided power_tools.py appears to omit concrete handlers for many commands (placeholders/comments instead). These mismatches reduce confidence that the packaged code matches the advertised capability.
Instruction Scope
Concern: SKILL.md instructs a one-line install and claims '100% local, zero internet, zero sudo, zero persistence.' The code does run only local commands (dns-sd), prints share text (encouraging posting to Moltbook/other discovery), and does not perform remote network calls. But it creates persistent directories and files under the user's home (~/.logs and ~/.config/macpowertools and a learning.json file), contradicting the 'no persistence' statement. The script also spawns subprocesses (dns-sd) and writes logs/history; the instructions do not warn about this on-disk state.
Install Mechanism
Note: There is no install spec (instruction-only skill), which is low risk for supply-chain installs. SKILL.md metadata lists a PyPI dependency (numpy), but no automated install step is provided; the script handles numpy absence gracefully. This means the environment must already satisfy dependencies or the swarm-simulation feature will be disabled.
Credentials
Note: The skill requests no environment variables or system credentials, which is appropriate for the stated purpose. However, it does create and write to hidden directories in the user's home (persistent logs and a learning.json history). That is reasonable for a local tool but contradicts the 'no persistence' claim and should be disclosed to users.
Persistence & Privilege
Concern: always:false (normal). The code nonetheless creates persistent files under the user's home (~/.logs and ~/.config/macpowertools) and maintains a history file. SKILL.md explicitly claims 'no persistence', so the actual behavior is inconsistent and could surprise users. The skill does not request elevated privileges, but it does assert discoverability and prints share text for posting elsewhere.