Skillv2.0.0

ClawScan security

Claw Go · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignMar 11, 2026, 9:32 AM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: This is a self-contained, text-only game skill whose requirements and instructions align with its stated purpose; nothing requested or installed is disproportionate to running an in-chat companion game.
Guidance: This skill is a text-only in-chat game and appears internally consistent. Things to consider before installing: (1) The game docs ask the agent to read recent chat and long-term memory to personalize destinations — if you prefer no personalization, disable or clear long-term memory or avoid granting memory access. (2) The references include example API endpoints for entitlement, media, and memory sync, but the current skill does not declare any credentials or perform network installs — if a future version adds network calls, check what API keys or endpoints it requires. (3) The skill explicitly forbids executing local scripts, reading local files, fetching arbitrary URLs, or publishing externally; if you see behavior contrary to that, stop using the skill and report it. Overall this skill is coherent with its purpose and does not request excessive access, but review privacy/memory settings if you are concerned about personalization.

Review Dimensions

Purpose & Capability: okName/description (a text-first crayfish travel companion) matches the manifest and SKILL.md. The skill is instruction-only, declares no binaries, env vars, or installs — appropriate for a chat-driven game.
Instruction Scope: noteMost runtime instructions stay in‑world and avoid external operations (SKILL.md explicitly forbids running local scripts, accessing files, fetching arbitrary URLs, or posting externally). The game design docs do instruct the model to consult 'long-term memory and recent chat' to personalize destination choices; that is coherent with personalization but means the agent will use user conversation/memory context. Also the references include example API endpoints (entitlement, media, memory sync) as documentation; the skill does not automatically call these nor declares credentials, but they could be used if an implementation later adds outbound calls.
Install Mechanism: okNo install spec and no code files — instruction-only. This is the lowest-risk install surface and consistent with the stated 'text-only' distribution.
Credentials: okNo environment variables, binaries, or config paths are required. The skill does reference user_id and entitlement/media APIs in docs, but it does not request related secrets or credentials in the manifest.
Persistence & Privilege: okalways:false and user-invocable:true. The skill does not request persistent system presence or modify other skills. It does assume access to conversation/memory for personalization, which is expected for a companion game.