Skill v1.0.0

ClawScan security

page-cro · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 11, 2026, 3:24 PM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill's code and instructions align with its stated purpose (analyzing marketing pages for CRO), request no unrelated secrets, and have no surprising install steps — it's internally coherent.
Guidance
This skill appears to do what it says: it parses HTML and scores CRO signals. Before running it, consider: (1) the bundled Python script will fetch any URL you provide — avoid giving internal or sensitive endpoints to prevent unintended network access; (2) run the script in a sandbox or review the code if you will point it at private resources; (3) the parser is static (HTML-based) and may miss dynamically-rendered content (JS), so results are best used as heuristics rather than a full audit. No credentials are requested and there are no hidden downloads.

Review Dimensions

Purpose & Capability
ok: Name/description match the included assets: SKILL.md provides CRO guidance and the included Python script performs an HTML CRO audit (parsing buttons, forms, trust signals, etc.). No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
note: SKILL.md asks the agent to read a local context file (.claude/product-marketing-context.md) if present (reasonable for context). The included script can fetch a URL (urllib.request) or read a local file for analysis — this is necessary for its purpose but means the agent will make outbound HTTP requests when asked to audit remote pages.
Install Mechanism
ok: No install specification; this is an instruction-only skill with a bundled Python script. Nothing is downloaded from external URLs or installed automatically.
Credentials
ok: The skill declares no environment variables, no credentials, and no config paths. The resources it accesses (page HTML, optional local context file) are appropriate for CRO analysis.
Persistence & Privilege
ok: always is false and model invocation is normal. The skill does not request permanent presence or special system-wide privileges.