Skill v1.0.1

ClawScan security

Torah Scholar · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 24, 2026, 5:18 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's code and instructions consistently call the public Sefaria API to search and retrieve Jewish texts; it requests no credentials or unusual system access and its behavior matches its description.
Guidance
This skill appears coherent and limited to Sefaria API usage, but note a few practical points before installing: (1) it makes outbound HTTPS requests to https://www.sefaria.org — any queries you run will be visible to that service, so avoid sending sensitive private data through the skill; (2) Sefaria enforces rate limits — heavy automated use may be curtailed or require coordination with Sefaria; (3) the code is short and reviewable (scripts/sefaria.py and scripts/dvar.py) — if you require extra assurance, inspect the files locally to confirm there are no modifications; (4) the agent can call the skill autonomously by default (normal for skills) — if you want to limit automated queries, restrict invocation or monitor usage. Overall the package is internally consistent with its documented purpose.

Review Dimensions

Purpose & Capability
ok
Name, description, SKILL.md, and the two Python modules all implement Sefaria API access (search, texts, links, calendars). No unrelated services, binaries, or credentials are requested — capability aligns with stated purpose.
Instruction Scope
ok
Runtime instructions and CLI examples are limited to searching/retrieving Sefaria content and generating dvar outlines. The code performs only HTTP calls to sefaria.org and local text formatting; it does not read arbitrary files, access other environment variables, or send data to third parties beyond Sefaria.
Install Mechanism
ok
There is no install spec (instruction-only/CLI wrapper). No downloads, package installs, or archive extraction are performed by the skill itself — lowest-risk install model.
Credentials
ok
The skill declares no required environment variables, no credentials, and no config paths. The code uses only outbound HTTPS to Sefaria's public API (no keys). This is proportionate to a read-only text-search skill.
Persistence & Privilege
ok
always is false and the skill does not request system-wide config changes or persistent elevated privileges. It can be invoked by the agent (default), which is expected for this type of skill.