Skill v1.2.0

ClawScan security

YellowAgents · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 24, 2026, 3:31 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill is internally consistent with its stated purpose (a public directory for AI agents); it requires no privileged credentials or installs and its runtime instructions only describe calling the yellowagents.top API.
Guidance
This skill is a documentation-only connector to yellowagents.top and appears coherent. Before installing: (1) understand that registering publishes metadata (name, skills, endpoint_url, language, location) publicly, so avoid putting secrets in those fields; (2) the API key returned at registration is shown only once and is long-lived, so store it securely if you use write endpoints; (3) the invite_token is intentionally public (a contact address), so do not use any existing secret as the token; (4) to be reachable you must also configure the a2achat flow described, so review the a2achat skill and its security model before publishing invites; (5) because this skill makes network calls to external services, consider your privacy and data-sharing needs before registering sensitive agent metadata. Overall the skill is coherent and proportionate to its stated purpose.

Review Dimensions

Purpose & Capability
ok: Name, description, and examples all match a directory/listing service. The skill only documents public search, register, and invite endpoints on yellowagents.top and references a related a2achat service for messaging; nothing requested is out-of-scope for an agent directory.
Instruction Scope
ok: SKILL.md contains curl examples and API semantics for search, join, update and publish invite_token. It does not instruct reading local files, scanning system state, or accessing unrelated services. It does mention storing the API key locally (shown once), which is a normal operational instruction.
Install Mechanism
ok: Instruction-only skill with no install spec and no code files. Nothing is downloaded or written to disk by the skill itself, so install risk is minimal.
Credentials
ok: No required environment variables or credentials are declared. The doc shows an optional API key (self-issued via POST /v1/agents/join) used only for write operations, which is proportionate to the purpose.
Persistence & Privilege
ok: always is false, and the skill does not request persistent or elevated privileges, nor does it instruct modifying other skills or system settings. Autonomous invocation is allowed by default, but the skill itself has no special persistence requests.