Skill v1.0.0

ClawScan security

Capability Composition Analyzer · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 23, 2026, 10:40 AM
Verdict
benign
Confidence
medium
Model
gpt-5-mini
Summary
The skill's declared purpose (analyzing capability composition) matches its instructions and requested resources; nothing requested or instructed is disproportionate, but the source is unknown and the declared required binaries (curl, python3) are not justified in the doc, so exercise normal caution.
Guidance
This skill appears coherent and instruction-only, but take basic precautions before installing:
1) Verify the author/source (the source is unknown here).
2) Do not feed real secrets or full environment dumps as input; provide only the skill/capability metadata you want analyzed.
3) Because the skill lists curl and python3 as required binaries without justifying them in the text, prefer running it where network egress is constrained if you are uncertain: if the platform allows shell execution, a malicious or prompt-injected skill could direct the agent to use those binaries to exfiltrate sensitive inputs.
4) Review produced reports before acting on them, and audit any remediation that changes skill permissions.
If you want higher assurance, ask the publisher for a justification of the curl/python3 requirement or for a minimal test input/output example.

Review Dimensions

Purpose & Capability
note: The skill's name/description align with the SKILL.md: it analyzes how multiple skills compose into dangerous capability combinations. It requests the presence of curl and python3 even though the instruction text does not require network calls or executing scripts; this is a minor mismatch (likely for optional tooling or examples) but not by itself malicious.
Instruction Scope
ok: SKILL.md confines the agent to analyzing declared skill lists and capability metadata and producing a composition risk report. It does not instruct the agent to read arbitrary system files, access environment secrets, or transmit data to external endpoints. Inputs are explicitly the agent's declared skill list or a list of skills to analyze.
Install Mechanism
ok: No install spec and no code files are present (instruction-only). That minimizes filesystem and supply-chain risk: nothing is downloaded or written by an installer.
Credentials
ok: The skill declares no required environment variables, credentials, or config paths. That is proportionate to an analysis-only tool that operates over supplied metadata.
Persistence & Privilege
ok: always:false and no requests to modify other skills or system configuration. The skill may be invoked autonomously (platform default) but it does not request persistent presence or elevated privileges.
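The Purpose & Capability finding and guidance item 3 both turn on one check: binaries a skill declares as required that its own instructions never use. The following is an added example of that check, not ClawScan's or ClawHub's code. The SKILL.md samples are constructed, and the frontmatter layout (a `requires.bins` list and an `always` flag) is an assumption made for the example; adapt the parser to the real schema.

```python
import re

# Constructed sample SKILL.md (not the real skill's file). Frontmatter layout
# is an assumption for this example: name, description, always, requires.bins.
SAMPLE_SKILL_MD = """---
name: capability-composition-analyzer
description: Analyzes how multiple skills compose into dangerous capability combinations.
always: false
requires:
  bins: [curl, python3]
---
# Capability Composition Analyzer

Given the agent's declared skill list and each skill's capability metadata,
identify combinations that together enable exfiltration, persistence or
privilege escalation, and produce a composition risk report.

Inputs: the skill list to analyze. Do not read other files.
"""

# Constructed variant where the body actually uses python3 (so only curl is
# left unjustified).
SAMPLE_JUSTIFIED_MD = SAMPLE_SKILL_MD + "\nRun `python3 scripts/compose.py` on the list.\n"

# Binaries that give an agent an obvious exfiltration or execution path.
NETWORK_BINS = {"curl", "wget", "nc", "ncat", "ssh", "scp"}
EXEC_BINS = {"python", "python3", "node", "bash", "sh", "perl", "ruby"}


def parse_frontmatter(text):
    """Split SKILL.md into (frontmatter dict, markdown body).

    Minimal parser for the assumed layout: scalar keys, inline [a, b] lists,
    booleans, and one level of nesting (e.g. requires: / bins:).
    """
    m = re.match(r"^---\n(.*?)\n---\n(.*)$", text, re.S)
    if not m:
        return {}, text
    meta, body, section = {}, m.group(2), None
    for line in m.group(1).splitlines():
        if not line.strip():
            continue
        indented = line.startswith(" ")
        key, _, val = line.strip().partition(":")
        val = val.strip()
        if val.startswith("[") and val.endswith("]"):
            val = [v.strip() for v in val[1:-1].split(",") if v.strip()]
        elif val.lower() in ("true", "false"):
            val = val.lower() == "true"
        if indented and section is not None:
            meta[section][key] = val
        elif val == "":
            section = key          # start of a nested block
            meta[key] = {}
        else:
            section = None
            meta[key] = val
    return meta, body


def review_declared_bins(skill_md):
    """Flag required binaries the instruction text never mentions.

    A binary counts as justified only if its name appears in the body; that is
    deliberately crude, matching the 'not justified in the doc' criterion.
    """
    meta, body = parse_frontmatter(skill_md)
    bins = meta.get("requires", {}).get("bins", [])
    body_lc = body.lower()
    unjustified = []
    for b in bins:
        if re.search(r"\b" + re.escape(b) + r"\b", body_lc):
            continue
        kind = ("network" if b in NETWORK_BINS
                else "interpreter" if b in EXEC_BINS else "other")
        unjustified.append({"bin": b, "kind": kind})
    return {
        "name": meta.get("name"),
        "always": bool(meta.get("always", False)),
        "unjustified_bins": unjustified,
        # An unjustified network binary is the case where constrained egress
        # matters most, per the guidance above.
        "egress_capable": any(f["kind"] == "network" for f in unjustified),
    }


if __name__ == "__main__":
    for label, doc in (("declared", SAMPLE_SKILL_MD), ("justified", SAMPLE_JUSTIFIED_MD)):
        print(label, review_declared_bins(doc))
```

The `egress_capable` flag is the signal to act on: an unjustified interpreter is a mismatch worth a question to the publisher, while an unjustified network client is the reason to run the skill with egress constrained until it is explained.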