Skill v1.0.0
ClawScan security
Logfmt Parser · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 14, 2026, 3:50 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, instructions, and requirements are internally consistent with a local log-parsing utility and do not request unexpected credentials, network access, or elevated persistence.
- Guidance: This skill appears to be a simple, local log-to-JSON parser with no network calls or secret access. Before installing or running it, (1) note the minor mismatch between the SKILL.md command name ('logfmt_parser') and the provided script (tool.py) — you may need to run the script directly or wrap it with an executable name; (2) review the bundled tool.py yourself if you will run it on sensitive logs to ensure its parsing behavior meets your needs; and (3) if you expect automatic forwarding to log aggregators, understand that the code does not perform any network forwarding and would need additional, credentialed integration to send logs elsewhere.
Review Dimensions
- Purpose & Capability (note): The name/description match the provided code: tool.py is a log key=value/timestamp parser that emits JSON. Minor mismatch: SKILL.md shows a 'logfmt_parser' command while the bundle contains tool.py and no install spec — this is a usability/documentation mismatch but not a security concern. The description mentions 'forwarding to log aggregators' but the code does not implement any network forwarding or require aggregator credentials.
- Instruction Scope (ok): SKILL.md only instructs running the parser on files or via pipes. The included Python script processes input lines, extracts key=value pairs and timestamps, and writes JSON to stdout — it stays within the stated parsing/formatting scope and does not read unrelated system files or environment variables.
- Install Mechanism (ok): There is no install spec (instruction-only), so nothing will be downloaded or written automatically. The bundle includes a single Python script; no external packages, downloads, or archives are fetched during usage.
- Credentials (ok): The skill declares no required environment variables, credentials, or config paths, and the code does not access environment variables or secrets — requested access is proportional to the stated purpose.
- Persistence & Privilege (ok): always is false and the skill does not request persistent or elevated privileges, nor does it modify other skills or system-wide settings.
