Skillv1.0.1

ClawScan security

MUD · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignFeb 28, 2026, 6:23 AM

Verdict: Benign
Confidence: high
Model: gpt-5-mini
Summary: The skill's files, instructions, and minimal requirements are coherent with its stated purpose of operating a local MUD engine; it runs local engine code and does not request unrelated credentials or network installs.
Guidance: This skill appears to do what it says: it runs your local MUD engine. Before using it, inspect the local mud_agent.py (and any engine code) in the referenced workspace paths, because the helper will import or execute that file — which runs arbitrary local code. Only run this skill if you trust the engine source; prefer running it as a non-administrative user or in a sandboxed environment. Also verify there are no unexpected network calls or hardcoded secrets in the engine code if you will run commands that could trigger them. If you need platform-agnostic usage, note the README references Windows-style paths; confirm the correct workspace path on your host.

Review Dimensions

Purpose & Capability: okName/description match the actual behavior: the skill is an operations wrapper to run a local MUD engine (either by importing a legacy MudAgent or invoking mud_agent.py). It requests no external credentials, binaries, or installs, which is appropriate for a local ops helper.
Instruction Scope: okSKILL.md instructs the agent to locate the engine directory and run the included wrapper script with a command string. The script only reads mud_agent.py to detect engine style and then either imports it or runs it as a subprocess. There is no instruction to read unrelated system files, exfiltrate data, or contact external endpoints in the skill itself.
Install Mechanism: okNo install spec is present (instruction-only plus a small helper script). Nothing is downloaded or written to disk by the skill itself, which minimizes install risk.
Credentials: noteThe skill requires no environment variables or credentials, which is appropriate. One important operational note: the script executes or imports local code (mud_agent.py) found in the workspace. That means the effective privileges and behavior depend entirely on the contents of that engine file — importing or running it will execute arbitrary code from the local project. That is expected for an ops wrapper, but users should ensure the engine code is trusted.
Persistence & Privilege: okalways:false (default) and no requests to modify other skills or system-wide agent settings. The skill does not request permanent presence or elevated platform privileges.