Back to skill
Skillv2.1.1
ClawScan security
Lead · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 10, 2026, 4:53 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill is an instruction-only lead-qualification helper whose requested inputs, runtime instructions, and lack of installs/credentials are coherent with its stated sales-focused purpose.
- Guidance
- This skill appears internally consistent and low-risk: it only processes user-provided lead information and does not ask for credentials or install software. Before installing, confirm the skill source or homepage if provenance matters (skill.json lists https://clawhub.ai but registry metadata shows none). When using the skill, avoid submitting sensitive personal data or confidential customer information unless you're comfortable sharing it with the agent, and remember the skill will generate follow-up text from whatever you provide. If you need tighter privacy or auditability, prefer skills from known publishers or request an auditable provenance/maintainer record.
Review Dimensions
- Purpose & Capability
- okName, description, and declared capabilities (lead qualification, gap identification, action recommendation, follow-up drafting) match the SKILL.md instructions and example usage. The skill does not request unrelated credentials or binaries. Minor metadata inconsistency: registry metadata at the top lists no homepage while skill.json contains a homepage URL (https://clawhub.ai); this is an administrative discrepancy but does not affect functionality.
- Instruction Scope
- okRuntime instructions are narrowly scoped to parsing user-provided lead information, scoring observable dimensions (fit, intent, urgency, authority), identifying gaps, recommending actions, and drafting concise follow-ups. The execution protocol explicitly instructs the agent to score only from visible evidence and not to guess, and does not direct the agent to read local files, system state, or external endpoints beyond user input.
- Install Mechanism
- okNo install specification and no code files are present (instruction-only). This is the lowest-risk model: nothing is downloaded or written to disk by the skill itself.
- Credentials
- okThe skill requires no environment variables, credentials, or config paths. All recommended inputs are user-provided lead data (names, role, messages, firmographics). There are no disproportionate secret or system access requests.
- Persistence & Privilege
- okThe skill is not marked always:true and does not request any persistent installation or modifications to other skills. It can be invoked by the agent (default behavior) but has no elevated privileges or background persistence.