Skill v1.0.0
ClawScan security
Auto Building · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 3, 2026, 7:59 AM
- Verdict
- benign
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The skill's stated purpose (building a content-aggregation system) aligns with its requirements and instructions, but it instructs you to clone and run an external GitHub repo — review that remote code and dependencies before executing.
- Guidance
- This skill description and instructions are coherent for building a scraping/aggregation site, but the package itself is instruction-only and points you to clone and run a GitHub repository. Before installing or running it:
  1) Inspect the repository (https://github.com/hasd52636-a11y/Auto_Building_new): review package.json, scripts, and any server-side code for unexpected network calls, credential handling, or malware.
  2) Run npm install and the app in a sandbox or isolated environment (container/VM).
  3) Review dependencies for known vulnerabilities and check whether the app asks for credentials or modifies system files.
  4) Consider legal/terms-of-service issues for scraping target sites and respect robots.txt.
  If you want a higher-assurance verdict, provide the upstream repository contents so they can be statically inspected; currently that runtime code was not included in this package.
Review Dimensions
- Purpose & Capability
- ok
- Name/description (auto content-aggregation) match the declared requirements: Node/npm are required and the SKILL.md instructs cloning and running a Node app. Nothing in the skill metadata requests unrelated credentials, binaries, or config paths.
- Instruction Scope
- note
- SKILL.md explicitly directs the agent/user to clone https://github.com/hasd52636-a11y/Auto_Building_new, run npm install, and run the app; it also instructs editing config/sources.json and running scraping tasks. These actions are consistent with the stated purpose but involve executing code fetched from a remote repository and initiating web scraping, so the remote repository's contents determine actual runtime behavior and risk.
- Install Mechanism
- note
- There is no bundled install payload in the skill package; the instructions point to a GitHub repo (well-known host) to clone. Using GitHub is expected for this purpose, but because the skill does not include the repo code, the reviewer could not inspect the actual runtime code. The SKILL.md also contains an 'install' clone entry referencing the same GitHub repo, which is consistent but worth verifying.
- Credentials
- ok
- No environment variables or credentials are requested by the skill package. The described functionality (scraping external sources) normally does not require platform secrets. Beware that the cloned repository could itself request or use credentials at runtime (not visible in this package).
- Persistence & Privilege
- ok
- Skill is not marked always:true and uses normal, user-invocable/autonomous defaults. It does not request elevated platform persistence or modify other skills. Running the upstream app may require setting up scheduled jobs (e.g., npm run daily), but that's standard for this kind of application.
