Skill v1.0.0

ClawScan security

Patent · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Mar 8, 2026, 7:05 PM
Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary
The skill makes large claims (global prior-art search, automated filings and enforcement, self-executing licensing) but provides no concrete mechanisms, dependencies, or credential requirements to perform them. The description is aspirational and the runtime instructions are vague, which makes the skill incoherent and risky to run.
Guidance
This skill reads like an aspirational product specification rather than an implementable skill. Before installing or allowing an agent to use it:
1) Ask the author for a concrete runtime spec: what APIs, endpoints, and credentials it will use (USPTO/EPO APIs, prior-art indices, marketplace monitors, smart-contract platforms).
2) Require explicit declaration of any environment variables or accounts it will need, and review those for proportionality.
3) Do not grant it autonomous permission to file legal documents, transfer funds, or create enforceable contracts; require human-in-the-loop approval for any filing or licensing action.
4) Verify the skill owner's identity and ask for audit/logging guarantees and a clear rollback/termination path.
5) If you expect it to actually perform filings or enforcement, insist on a staged test plan and a security review of any code or third-party services it integrates with.
Providing those details could move this assessment toward 'benign'; absent them, the mismatch between claims and implementation is a red flag.

Review Dimensions

Purpose & Capability
Concern: The name and description promise broad capabilities (global semantic prior-art search, enforcement monitoring, automated licensing and filings). Yet the skill declares no binaries, no external APIs, no credentials, and no install step, so there is no clear mechanism to perform those tasks. The claimed scope is disproportionate to what the skill actually requires or provides.
Instruction Scope
Concern: SKILL.md is high-level architecture and marketing prose rather than actionable runtime instructions. It does not specify which data sources, APIs, or commands to use; it is vague and open-ended. That vagueness could lead an autonomous agent to attempt broad data collection or unsupervised actions using whatever system access it already has, since there are no guardrails or explicit limits.
Install Mechanism
OK: No install spec and no code files, the lowest surface area for hidden code. Nothing would be written to disk or installed by the skill as provided.
Credentials
Concern: The skill requests no environment variables or credentials, yet its described capabilities would realistically require access to many external systems (patent office APIs, prior-art databases, marketplaces, payment and contract systems). That mismatch is suspicious: either it cannot do what it claims, or it would need additional, undeclared privileges later.
Persistence & Privilege
OK: always:false is set, and no config paths or persistent behavior are declared. The skill does not request permanent presence or altered system settings.
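The five dimensions above can be run as a pre-install check before an agent is allowed to load a skill. The linter below is an added example, not ClawHub's scanner and not code from the Patent skill; the manifest layout it reads (a dict with name, description, instructions, install, env, binaries, always and config_paths), the claim-to-access mapping, and the two-concerns-means-suspicious rule are all assumptions made for the illustration. The two sample manifests are constructed: one mirrors the claims-versus-declarations mismatch flagged above, the other declares what it needs and names a concrete endpoint.

```python
import re

# Assumed manifest shape (not the real ClawHub skill format):
#   name, description, instructions: str
#   install: str | None          env, binaries, config_paths: list[str]
#   always: bool

# Heuristic mapping from capability claims in the prose to the access that
# delivering them would realistically require. Reviewer's assumption, not a
# definition from the skill or ClawHub.
CLAIM_PATTERNS = {
    r"prior[- ]art|patent (office|search|database)": "patent-office or prior-art API",
    r"\bfil(e|es|ing|ings)\b": "credentials able to submit legal filings",
    r"enforcement|monitor": "marketplace or web monitoring access",
    r"licens(e|ing)|smart[- ]contract|payment|funds": "contract or payment system access",
}


def claimed_access(text):
    """Set of access kinds implied by capability claims found in text."""
    return {implies for pattern, implies in CLAIM_PATTERNS.items()
            if re.search(pattern, text, re.IGNORECASE)}


def looks_actionable(instructions):
    """Concrete runtime instructions name an endpoint, a command or a tool."""
    return bool(re.search(r"https?://|`[^`]+`|\$ ", instructions))


def review(skill):
    """Return {dimension: (status, note)} for one manifest dict."""
    text = " ".join(str(skill.get(k, "")) for k in ("name", "description", "instructions"))
    claims = claimed_access(text)
    declared = set(skill.get("env", [])) | set(skill.get("binaries", []))
    dims = {}
    # Purpose & Capability: broad claims with nothing declared to deliver them
    if claims and not declared:
        dims["purpose"] = ("concern", "claims need " + ", ".join(sorted(claims)) + " but nothing is declared")
    else:
        dims["purpose"] = ("ok", "declared resources match the stated purpose")
    # Instruction Scope: open-ended prose gives an agent no limits to respect
    if looks_actionable(skill.get("instructions", "")):
        dims["instruction_scope"] = ("ok", "instructions name concrete endpoints or commands")
    else:
        dims["instruction_scope"] = ("concern", "instructions are open-ended; no data sources or commands named")
    # Install Mechanism: no install spec means nothing is fetched or written
    if skill.get("install"):
        dims["install"] = ("concern", "install spec present; review what it fetches and writes")
    else:
        dims["install"] = ("ok", "no install spec and no code files; nothing written to disk")
    # Credentials: either direction of mismatch is a red flag
    if claims and not skill.get("env"):
        dims["credentials"] = ("concern", "claimed capabilities need external systems but no credentials declared")
    elif skill.get("env") and not claims:
        dims["credentials"] = ("concern", "credentials requested without a stated capability that needs them")
    else:
        dims["credentials"] = ("ok", "requested credentials are proportionate to the claims")
    # Persistence & Privilege: permanent presence or config writes need justification
    if skill.get("always") or skill.get("config_paths"):
        dims["persistence"] = ("concern", "requests permanent presence or touches config paths")
    else:
        dims["persistence"] = ("ok", "always:false and no config paths")
    return dims


def verdict(dims):
    """Assumed roll-up rule: two or more concerns is suspicious."""
    concerns = sum(1 for status, _ in dims.values() if status == "concern")
    return "suspicious" if concerns >= 2 else ("review" if concerns == 1 else "benign")


# Constructed sample mirroring the review above: large claims, nothing declared.
PATENT_SKILL = {
    "name": "Patent",
    "description": ("Global semantic prior-art search, enforcement monitoring of "
                    "marketplaces, and automated licensing and filings backed by "
                    "self-executing smart-contract licenses."),
    "instructions": "Search prior art worldwide, monitor marketplaces, then file or license as appropriate.",
    "install": None, "env": [], "binaries": [], "always": False, "config_paths": [],
}

# Constructed counter-example: one claim, the credential it needs, a named endpoint.
PROPORTIONATE_SKILL = {
    "name": "Prior-art lookup",
    "description": "Queries a patent office API for prior art matching a query string.",
    "instructions": "Call https://example.invalid/api/search with the query; read the key from `PATENT_API_KEY`.",
    "install": None, "env": ["PATENT_API_KEY"], "binaries": [], "always": False, "config_paths": [],
}

if __name__ == "__main__":
    for skill in (PATENT_SKILL, PROPORTIONATE_SKILL):
        dims = review(skill)
        print(skill["name"], "->", verdict(dims))
        for dim, (status, note) in dims.items():
            print(f"  {dim}: {status} ({note})")
```

The check is deliberately a keyword heuristic: it cannot tell whether a skill works, only whether what it says and what it declares are proportionate, which is exactly the mismatch the Credentials and Purpose dimensions flag. Treat a "suspicious" result as a prompt to ask the author for the runtime spec listed in the guidance, not as proof of malice.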