Skill v0.0.4

ClawScan security

Podcast Discovery · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 2, 2026, 6:04 AM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill's requirements, instructions, and included code are consistent with a podcast-discovery tool that finds RSS feeds via Clawsica and builds wherever.audio links; it requests no secrets or unusual privileges.
Guidance
This skill appears coherent and limited to podcast discovery: it will call the public Clawsica API and fetch RSS feeds (network activity). It requires no secrets and has no install script, but includes a small Python utility you may need to run (pip install -r scripts/requirements.txt) if you want episode search locally. If you plan to enable web-search behavior implied by the docs, confirm which web/search tool the agent will use. As always, run included scripts in a controlled environment if you plan to execute them locally, and verify the Clawsica host (https://clawsica.wherever.audio) is trusted before relying on links returned by the skill.

Review Dimensions

Purpose & Capability
ok: Name/description, SKILL.md, and included scripts all focus on locating podcast RSS feeds, selecting episodes, and constructing wherever.audio links. No unrelated credentials, binaries, or config paths are required.
Instruction Scope
note: Runtime instructions direct the agent to query the public Clawsica endpoint and to fetch arbitrary RSS feed URLs (via the provided local script) — this is appropriate for the stated purpose. The SKILL.md also says to "search the web first" for discovery queries but does not prescribe a specific external search API; this is a minor vagueness (the agent may use its available web/search tool). The instructions explicitly forbid sending raw RSS XML to the model and limit token usage, which aligns with the token-budget policy.
Install Mechanism
ok: There is no install spec (instruction-only), and included Python tooling has a small requirements.txt (feedparser, rapidfuzz, pytest). No downloads from untrusted URLs or archive extraction are present. Semantic rerank optionally imports heavy ML libs but those are not required and the code falls back safely if absent.
Credentials
ok: The skill declares no required environment variables or credentials. All network calls are to public endpoints (Clawsica and arbitrary RSS URLs) appropriate to the skill's function. No secret exfiltration or unrelated credential access is requested.
Persistence & Privilege
ok: The skill does not request permanent inclusion (always=false), does not modify other skills or global agent config, and does not require elevated system privileges.