Skill v1.0.0

ClawScan security

Vow · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Mar 8, 2026, 6:50 PM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
This skill is a high-level design/spec for a cryptographic 'vow' system but provides no implementation, no required credentials, and no concrete integration points — its claims are not matched by what it actually requests or instructs.
Guidance
This is a design/spec document, not an implementation. Before installing or using it: (1) Ask the author for concrete implementation details — which blockchains, oracles, escrow services, and exact APIs will be used? (2) Require a list of exact environment variables and scopes (private keys, RPC endpoints) and limit their permissions to the minimum necessary. (3) Request code or a reproducible install that can be reviewed and audited (smart contract source, oracle adapters, slashing logic tests). (4) Do not give any private keys or fund-locking permissions to an agent based solely on this spec; ensure you perform a security and financial audit before allowing autonomous operations that can lock or transfer value.

Review Dimensions

Purpose & Capability
note: The name and description advertise orchestration of cryptographically enforced commitments (locking collateral, oracles, slashing). However, the skill requests no keys, APIs, or binaries and contains no code. For a feature that must interact with blockchains/oracles/escrow, the complete absence of required credentials or integration details is disproportionate and makes the skill's real capability unclear.
Instruction Scope
concern: SKILL.md is a conceptual specification rather than concrete runtime instructions. It lists high-level steps (Assertion, Observation, Resolution) but gives no actionable endpoints, commands, or protocols. That vagueness grants an implementing agent broad discretion (it could try to gather keys, call arbitrary endpoints, or invent behaviors) and would require additional, explicit instructions before safe use.
Install Mechanism
ok: There is no install spec and no code files; the skill is instruction-only, so nothing is written to disk or downloaded. From an installation standpoint this is low risk.
Credentials
note: The skill declares no required environment variables or credentials. In practice, implementing cryptographic commitments would normally require private keys, blockchain RPC credentials, oracle endpoints, or escrow service tokens. The lack of any declared secrets is an inconsistency with the stated purpose and should be clarified.
Persistence & Privilege
ok: The skill does not request persistent presence (always:false) and does not indicate any modification of agent/system configuration. Autonomous invocation is allowed by default, but given the skill currently has no actionable behavior, the persistence/privilege surface is minimal.
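The Guidance and the five review dimensions above describe one consistency check: does what a SKILL.md declares (environment variables, binaries, an install spec, the always flag) match what its description and body claim to do? The script below is an added example of that check as a pre-install lint you could run locally. It is not ClawHub's scanner and not code from the Vow skill. The frontmatter layout it parses (a leading `---` block with `name`, `description`, `env`, `binaries`, `install`, `always`) is an assumed minimal format, not a published schema, and the two SKILL.md samples are constructed for this example, the first modeled on the skill reviewed on this page.

```python
"""Pre-install consistency lint for an agent skill's SKILL.md.

Added example. Not ClawHub's scanner and not the Vow skill's code.
The frontmatter keys below are an ASSUMED minimal layout, not a
published schema: name, description, env, binaries, install, always.
"""
import re

# Vocabulary suggesting the skill must lock, move or attest value.
# Constructed for this example; extend it for your own review policy.
HIGH_IMPACT_TERMS = (
    "blockchain", "oracle", "escrow", "collateral", "slashing",
    "smart contract", "private key", "wallet",
)

# Anything that reads as a concrete, checkable instruction: a URL,
# a fenced or inline code span, or a shell prompt at line start.
CONCRETE_ACTION = re.compile(r"https?://|```|`[^`\n]+`|^\$ ", re.M)


def parse_skill_md(text):
    """Return (frontmatter dict, body). 'env' and 'binaries' become lists,
    true/false become bools; everything else stays a string."""
    m = re.match(r"---\n(.*?)\n---\n?(.*)", text, re.S)
    if not m:
        return {}, text
    meta = {}
    for line in m.group(1).splitlines():
        key, sep, value = line.partition(":")   # split on the FIRST colon only
        if not sep:
            continue
        key, value = key.strip(), value.strip()
        if key in ("env", "binaries"):
            meta[key] = [v.strip() for v in value.strip("[]").split(",") if v.strip()]
        elif value.lower() in ("true", "false"):
            meta[key] = value.lower() == "true"
        else:
            meta[key] = value
    return meta, m.group(2)


def review_skill(text):
    """Return (verdict, findings) where findings maps a review dimension
    to (severity, message); severity is 'ok', 'note' or 'concern'."""
    meta, body = parse_skill_md(text)
    prose = (meta.get("description", "") + "\n" + body).lower()
    claimed = [t for t in HIGH_IMPACT_TERMS if t in prose]
    env, binaries = meta.get("env", []), meta.get("binaries", [])
    install = meta.get("install", "")
    findings = {}

    # Purpose & Capability: high-impact claims with nothing requested to back them.
    if claimed and not (env or binaries or install):
        findings["purpose"] = ("note", "advertises %s but requests no keys, APIs or binaries"
                               % ", ".join(claimed))
    # Instruction Scope: high-impact claims but no endpoint, command or code to audit.
    if claimed and not CONCRETE_ACTION.search(body):
        findings["instructions"] = ("concern", "no endpoints, commands or code; "
                                    "an implementing agent would have to improvise")
    # Install Mechanism: instruction-only skills write nothing to disk.
    if install or binaries:
        findings["install"] = ("note", "installs " + (install or ", ".join(binaries)))
    else:
        findings["install"] = ("ok", "instruction-only, nothing downloaded or written to disk")
    # Credentials: declared secrets should be proportionate to the stated purpose.
    if env:
        findings["credentials"] = ("note", "requests " + ", ".join(env))
    elif claimed:
        findings["credentials"] = ("note", "no credentials declared despite a purpose "
                                   "that normally needs them")
    else:
        findings["credentials"] = ("ok", "no credentials declared")
    # Persistence & Privilege: always:true keeps the skill loaded in every session.
    if meta.get("always", False):
        findings["persistence"] = ("concern", "always:true, skill stays loaded in every session")
    else:
        findings["persistence"] = ("ok", "always:false, loaded only when invoked")

    severities = {s for s, _ in findings.values()}
    verdict = ("suspicious" if "concern" in severities
               else "review" if "note" in severities else "ok")
    return verdict, findings


# Constructed sample modeled on the reviewed skill: claims, no declarations.
SAMPLE_SPEC_ONLY = """---
name: vow
description: Orchestrates cryptographically enforced commitments: locking collateral, oracle observation, slashing.
always: false
---
# Vow
1. Assertion: the agent commits to an outcome and locks collateral.
2. Observation: an oracle records the outcome.
3. Resolution: collateral is released or slashed.
"""

# Constructed contrast sample: same domain, but declares its secrets and a command.
SAMPLE_DECLARED = """---
name: vow-evm
description: Locks collateral in an escrow contract on an EVM chain.
env: [VOW_RPC_URL, VOW_SIGNER_KEY]
always: false
---
Run `vow lock --amount 1` after exporting VOW_RPC_URL and VOW_SIGNER_KEY.
"""

if __name__ == "__main__":
    for sample in (SAMPLE_SPEC_ONLY, SAMPLE_DECLARED):
        verdict, findings = review_skill(sample)
        print(verdict, findings)
```

The first sample comes out `suspicious` for the same reasons the verdict above gives (claims with no credentials and no concrete instructions); the second comes out `review`, because declared secrets such as a signer key are exactly what a human should scope and audit before install, as the Guidance says, but at least there is now something concrete to audit.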