Skill v1.0.0

ClawScan security

Trust Velocity Calculator · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Feb 22, 2026, 9:26 AM
Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary
The skill's declared requirements (curl, python3) and description are plausible for computing a 'trust velocity' score, but the SKILL.md is high-level and vague about data sources and runtime behavior, leaving room for broad network access or unexpected data collection.
Guidance
This skill appears coherent in purpose but is underspecified. Before installing or enabling it:
1) Ask where it will fetch verification and version-history data (which marketplace APIs or endpoints) and whether those endpoints require credentials.
2) Confirm whether it will perform network calls and whether those calls are restricted to known, documented APIs (not arbitrary web crawling).
3) If you expect it to access private registries or audit logs, require explicit credential names and least-privilege scopes.
4) Prefer a version with concrete runtime steps or code you can review (e.g., exact curl endpoints or a small Python script) rather than just conceptual prose.
If you can't get these clarifications, treat the skill as potentially risky because the agent may be given broad discretion to fetch or request sensitive information.

Review Dimensions

Purpose & Capability
note: Name and description align with needing tooling to fetch histories and compute metrics; requiring curl and python3 is plausible. However, the skill has no source/homepage and does not specify which APIs or registries it will query for verification dates and version histories, making the required capabilities under-specified relative to the stated purpose.
Instruction Scope
concern: SKILL.md is primarily conceptual and describes inputs (skill identifier, verification date, update history) without specifying where or how those inputs are obtained. The instructions do not explicitly ask for reading local files or credentials, but their vagueness gives an agent wide discretion to fetch data from arbitrary endpoints or attempt to crawl marketplaces, which could surface or transmit sensitive data if not constrained.
Install Mechanism
ok: Instruction-only skill with no install spec or code files — lowest install risk. Nothing will be written to disk by an installer step.
Credentials
ok: The skill declares no required environment variables or credentials, which is proportionate to the description. That said, lack of declared creds coupled with unspecified data sources means the agent may later request credentials at runtime or attempt unauthenticated scraping of private endpoints; the SKILL.md does not clarify this.
Persistence & Privilege
ok: always is false and there are no requested config paths or other persistent privileges. The skill does not ask for persistent presence or to modify other skills' configurations.