Skill v1.0.1
ClawScan security
Wilma Triage · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Feb 16, 2026, 7:55 PM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's declared purpose (triage Wilma notifications and sync to Google Calendar) matches the runtime instructions, but there are inconsistencies in the metadata and the instructions ask the agent to read/write persistent files and local config paths that the registry did not declare — the user should review those gaps and trust boundaries before installing.
- Guidance: This skill appears to do what it says, but there are metadata and scope gaps you should verify before installing:
  1) Confirm you have and trust the 'wilma' and 'gog' CLIs (and the referenced 'wilma'/'gog' skills from ClawHub) because the skill runs their commands.
  2) Be aware it will read your Wilma config (~/.config/wilmai/config.json) and gog CLI app data (~/Library/Application Support/gogcli/), but those paths were not declared in the registry — ensure you are comfortable with the agent accessing those local credentials.
  3) The skill will write the calendar ID to TOOLS.md and store preferences in MEMORY.md (persistent agent files) — check these files for sensitive content and accept that they will be modified.
  4) Because source/homepage is unknown, consider inspecting the 'wilma' and 'gog' skill code or running the commands manually first to confirm behavior.

  If you are uncomfortable with the agent reading/writing config or persistent files, do not install or run until the declarations and provenance are clarified.
Review Dimensions
- Purpose & Capability (note): The skill's required CLIs (wilma and gog) and the dependency on a wilma skill are consistent with its stated goal of fetching Wilma data and syncing calendars. However, the top-level registry metadata omitted the config paths and skill dependency that the SKILL.md declares (incoherent declarations).
- Instruction Scope (concern): SKILL.md instructs the agent to run wilma/gog CLI commands, read user-level config (~/.config/wilmai/config.json and gogcli app data), and to write the calendar ID to TOOLS.md and preferences to MEMORY.md. Reading/writing those persistent files and home-directory config is broader than a purely ephemeral triage run and could expose or alter other agent state; the registry did not advertise those config paths.
- Install Mechanism (ok): Instruction-only skill with no install spec — low installation risk. It relies on preinstalled CLIs/skills rather than downloading code.
- Credentials (concern): No environment variables are requested, which is reasonable, but SKILL.md references local credential/config files (Wilma config and gog CLI OAuth data) that are not declared in the registry metadata. The skill will access and persist data in agent-wide files (TOOLS.md, MEMORY.md), which may contain other sensitive context — this access was not fully declared.
- Persistence & Privilege (note): The skill is not always-enabled and does not request elevated system presence. It does instruct writing to TOOLS.md and MEMORY.md (agent persistent storage) to save calendar IDs and preferences; that persistent behavior is expected for personalization but should be accepted explicitly by the user.
