Skillv1.0.0

ClawScan security

Press · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignMar 8, 2026, 5:24 PM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: The skill is an instruction-only PR/press assistant whose requested footprint (no installs, no env vars, no code) matches its stated purpose and does not ask for unrelated credentials or system access.
Guidance: This skill is an instruction-only PR assistant and appears coherent with its stated purpose. Before using it: (1) do not paste secrets, API keys, or private credentials into chat — supply only the specific facts or quotes needed for a draft; (2) carefully review any journalist contact lists or outreach text the skill generates before sending; the skill does not itself have email credentials, so it cannot send messages unless you give those in another channel — be cautious with where you enter such credentials; (3) avoid sharing unpublished proprietary documents unless you trust the recipient; (4) if you want the skill to build contact lists or perform web lookups, ask how it will obtain that data and confirm consent/legality for outreach in your jurisdiction. If you need higher assurance, test the skill in a sandboxed account and verify outputs before any real journalist outreach.

Review Dimensions

Purpose & Capability: okThe name/description (media & PR help) matches the SKILL.md content: frameworks for newsworthiness, press releases, pitches, and crisis comms. It does not request unrelated binaries, cloud credentials, or system paths.
Instruction Scope: noteThe SKILL.md contains detailed step-by-step PR guidance and templates. This stays within PR scope, but many legitimate PR tasks require the user to provide potentially sensitive business information (e.g., embargo details, internal metrics, contact lists). The instructions do not appear to tell the agent to read arbitrary local files or environment variables, but they will naturally prompt the agent to ask the user for documents, quotes, or contact data — users should avoid pasting secrets or credentials into the chat.
Install Mechanism: okNo install spec and no code files — instruction-only. Nothing is written to disk or downloaded, so install risk is minimal.
Credentials: okThe skill declares no required environment variables, no primary credential, and no config paths. It therefore does not request unrelated secrets or system credentials. Note: it may ask users for contact info or internal metrics as part of normal PR workflows — those are user-provided and not required by the platform.
Persistence & Privilege: okalways is false and the skill is user-invocable with normal autonomous invocation allowed. This is the standard/default model and appropriate for a PR assistant. The skill does not request elevated or persistent system privileges.