Skill v1.0.0

ClawScan security

Travel Manager · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Review · Feb 10, 2026, 4:18 PM
Verdict: Review
Confidence: medium
Model: gpt-5-mini
Summary
The skill is mostly an instruction-only travel planner (low technical footprint) but it references a missing resource and claims booking coordination without any mechanism or required credentials — those inconsistencies warrant caution.
Guidance
This appears to be an advice-only travel planning skill — lower technical risk — but exercise caution because: 1) SKILL.md references references/airline-matrix.md, which is missing from the package (ask the author to supply or remove it); 2) the skill claims 'Booking Coordination' but provides no mechanism or credentials for making bookings (clarify whether it will only recommend steps or actually perform bookings requiring account access); and 3) model invocation is not explicitly disabled, so if a future version adds booking automation you should require explicit user consent and set disableModelInvocation or require explicit user invocation. Before installing, request the missing reference file, ask the author to document exactly how bookings are handled and whether any credentials will be needed, and prefer a version that explicitly restricts autonomous invocation if bookings/credentials are introduced.

Review Dimensions

Purpose & Capability
note: Name and description match the instructions (trip planning, itineraries, family logistics). However the skill claims 'Booking Coordination' but provides no install steps, APIs, or required credentials to perform bookings; that is plausible if it only gives recommendations, but it’s an unexplained gap.
Instruction Scope
concern: SKILL.md is high-level and stays within travel planning, but it references a file 'references/airline-matrix.md' that is not present in the manifest. Missing referenced resources are an internal inconsistency and could cause the skill to behave unpredictably if callers expect that data. The instructions are otherwise generic and do not request or read any system files or environment variables.
Install Mechanism
ok: There is no install spec and no code files — this is instruction-only, which is the lowest-risk install profile. Nothing will be written to disk by an installer.
Credentials
ok: The skill declares no required environment variables, no primary credential, and no config paths. That aligns with an advice-only travel planning skill. If future versions add booking actions, additional credentials would need justification.
Persistence & Privilege
note: Policy flags like always and disableModelInvocation are not set (defaults apply). That means the skill could be invoked by the model autonomously (disableModelInvocation=false by default). For a read-only planning skill this is low risk, but if booking capabilities or credentials are added later, autonomous invocation would be a meaningful privilege and should be restricted.