Skill v1.0.0

ClawScan security

Outreach Scout · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 11, 2026, 2:01 PM
Verdict: Benign
Confidence: high
Model: gpt-5-mini
Summary
The skill is an instruction-only outreach helper that asks the agent to search the web, draft replies, and track results in local markdown files; its requested capabilities and artifacts are coherent with its stated purpose and it does not ask for credentials or install code.
Guidance
This skill is instruction-only and internally consistent, but review these before enabling it: 1) Keep 'Platforms where agent can post directly' set to 'none' (or require explicit approval) if you do not want automatic posting. 2) Inspect and maintain the scout-config.md to ensure the agent doesn't have permissions to post or use credentials you don't intend to share. 3) Be mindful of platform rules — limit replies per day and avoid duplicate posts to prevent bans. 4) Because the author/homepage are unknown, treat it as community-provided guidance (low technical risk here) — the skill won't exfiltrate secrets, but do review drafts before they are posted and monitor the scout-log for unexpected behavior. If you want stronger guarantees, require manual runs only (no heartbeat) and keep posting disabled.

Review Dimensions

Purpose & Capability
ok: Name/description match the instructions: the skill instructs the agent to search Reddit/X/Forums, draft replies, and log activity. It doesn't request unrelated binaries, cloud creds, or config paths. The supplied config/log templates align with the purpose.
Instruction Scope
note: Instructions reference reading/writing local files (life/areas/outreach/scout-config.md and scout-log.md), using web_search queries, drafting replies, and presenting results for approval. This stays within outreach scope. Note: heartbeat automation will run periodic searches (up to once per 4 hours) — the SKILL.md indicates presenting results for approval rather than auto-posting, but you should verify configuration (the template allows 'Platforms where agent can post directly' and you should keep it set to 'none' if you want manual approval).
Install Mechanism
ok: No install spec and no code files — instruction-only. Nothing will be downloaded or written to disk by an installer. This is low risk from an install-execution perspective.
Credentials
ok: The skill requires no environment variables, no credentials, and no config paths beyond user-local markdown files. There are no unexplained secret requests.
Persistence & Privilege
ok: always:false (not forced into every agent run). Agent invocation/autonomy is allowed by default, which is normal; the skill's heartbeat guidance allows periodic scanning but does not instruct automatic posting. No modification of other skills or global agent settings is requested.