Skill v1.0.0
ClawScan security
Blast Radius Estimator · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign (Feb 22, 2026, 4:50 AM)
- Verdict: benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: Instruction-only estimator that is internally consistent with its stated purpose (web fetching + local analysis), but the SKILL.md omits details about data sources and authentication for private marketplace metrics.
- Guidance: This skill appears coherent and low-risk as an instruction-only tool that fetches web data and analyzes it with Python. Before installing or enabling it: confirm where it will obtain adoption/installation metrics (public pages vs. private API), and whether it will later request API keys or elevated access; if you expect private marketplace data, require declared credentials and explicit consent before providing them. Consider limiting autonomous invocation or network access if you do not want the agent to perform broad web scraping on its own. Finally, test with a non-sensitive identifier to validate outputs and observe what external endpoints are contacted.
Review Dimensions
- Purpose & Capability (status: ok): The name and description (estimating blast radius from adoption/inheritance) align with the declared requirements: curl to fetch web/marketplace pages and python3 to analyze/visualize data. Requiring no credentials is reasonable for public data scanning; the skill does not ask for unrelated capabilities.
- Instruction Scope (status: note): SKILL.md confines itself to taking an identifier/URL and producing an adoption/inheritance analysis. It does not instruct the agent to read local files, environment secrets, or other system state. However, it is vague about what external data sources or APIs will be used and how (e.g., scraping public pages vs. querying private marketplace APIs), which affects what the tool can actually deliver.
- Install Mechanism (status: ok): No install spec and no code files; instruction-only. This is low-risk: nothing is downloaded or written to disk by the skill package itself.
- Credentials (status: ok): The skill requests no environment variables or credentials. That is proportionate for analyses that rely on public data. If private marketplace metrics or account-scoped download counts are required, the SKILL.md does not declare those credentials, which would be needed later.
- Persistence & Privilege (status: ok): The "always" flag is false and the skill is user-invocable. "disable-model-invocation" is false (normal). There is no indication the skill requests persistent system privileges or config changes.
