Skill v1.0.0

ClawScan security

Funnel · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 9, 2026, 8:59 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill is an instruction-only marketing/funnel advisor that requests no binaries, credentials, or installs and its content is consistent with its stated purpose.
Guidance
This skill appears coherent and low-risk, but verify the source before trusting sensitive data. Consider:
- Do not paste passwords, API keys, or raw identifiable user data (PII) into prompts.
- If sharing analytics or session recordings, anonymize or redact personally identifiable information first.
- If provenance matters, check the listed homepage (https://clawhub.ai) and the author (AGIstack) for credibility; the registry metadata had a minor inconsistency about the homepage.
- Remember the agent will only act on data you provide — avoid sending full logs or live credentials.

Review Dimensions

Purpose & Capability
ok · Name, description, declared capabilities and the SKILL.md/examples/heartbeat content are aligned: they all describe funnel diagnosis, measurement, copywriting, onboarding, and experimentation. The skill requires no external services, binaries, or credentials — which is appropriate for an instruction-only consulting skill. Minor provenance note: registry metadata at the top said 'homepage: none' while skill.json includes a homepage (https://clawhub.ai); this is inconsistent but does not affect functionality.
Instruction Scope
ok · Runtime instructions and examples stay within the domain of marketing/funnel work and ask the user to provide funnel metrics, landing pages, or session recordings as input. The instructions do not direct the agent to read system files, environment variables, or hidden configs, nor to contact unexpected external endpoints. They do suggest reviewing user-supplied session recordings and analytics data, which is reasonable for the stated purpose but depends on what the user shares.
Install Mechanism
ok · No install spec and no code files beyond markdown — the skill is instruction-only. This is the lowest-risk install posture and matches the skill's nature as a consulting/advisory tool.
Credentials
ok · The skill requests no environment variables, credentials, or config paths. That is appropriate: nothing in the skill requires access to external APIs or secrets. There are no disproportionate or unexplained credential requests.
Persistence & Privilege
ok · 'always' is false and the skill does not request persistent system presence or elevated privileges. There is no code that would modify agent configuration or other skills, and no autonomous privilege escalation indicators.