Back to skill
Skillv0.1.0
ClawScan security
ML Pipeline · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignFeb 27, 2026, 5:38 PM
- Verdict
- Benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's files and runtime instructions are consistent with a trading ML pipeline: no unexpected credentials, no external download/install steps, and the included scripts perform local file processing, reporting, and deployment operations that match the description.
- Guidance
- This package appears coherent with its stated purpose and the included scripts operate on local files (validation, analysis, copying, reporting). Before installing or running: (1) review and run the scripts in a controlled environment (not against sensitive system directories), (2) if you plan to connect to external feature stores or AutoML services, supply credentials only via secure mechanisms and be aware the skill does not declare or manage them, (3) note the deployment script will copy files into whatever target path you provide (use a sandbox or container if unsure). If you need higher assurance, ask the author for provenance or run the code in an isolated VM/container.
Review Dimensions
- Purpose & Capability
- okThe name/description (ML pipeline for trading) aligns with the included scripts and SKILL.md: data validation, feature engineering, AutoML orchestration, evaluation, feature-store integration (described), and deployment. The required resources (none declared) are reasonable for an instruction-only skill containing template scripts.
- Instruction Scope
- okSKILL.md gives high-level, ML-specific guidance (leakage checks, CV, AutoML steps) and asks the agent to gather dataset and pipeline parameters. The bundled scripts operate on local files and directories (validate, analyze, copy, report). There are no instructions to read unrelated system files, harvest environment secrets, or exfiltrate data to external endpoints.
- Install Mechanism
- okNo install spec is present (instruction-only skill) and all code is bundled. This is the lower-risk model: nothing is downloaded or exec-installed during install.
- Credentials
- noteThe skill declares no required env vars or credentials, which matches the bundled scripts (they do local file I/O only). SKILL.md mentions integrating with feature stores (Feast, Tecton) and AutoML libraries — those integrations would typically require credentials or external dependencies, but the skill does not request them. This is not necessarily malicious but means the agent will expect the user to provide any required service credentials or local configs at runtime.
- Persistence & Privilege
- okalways is false and the skill does not request persistent system-wide privileges. The deployment script writes to a target directory chosen at runtime and creates a .deployment.json and deployment_report.json in that target — expected behavior for a deployment utility. The skill does not modify other skills or global agent configuration.