Skill v1.0.0
ClawScan security
Cud Advisor · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 5, 2026, 6:25 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's requirements and instructions align with its stated purpose (GCP CUD recommendations); it is instruction-only, requests exported/read-only data, and does not ask for credentials—exercise normal caution when pasting billing data or executing generated gcloud commands.
- Guidance: This skill appears coherent for recommending GCP CUDs, but take these precautions before using it: (1) Run the suggested gcloud/bq commands yourself in your environment and paste only the exported JSON/CSV or summarized figures — do NOT paste private keys, tokens, or full console pages that might include secrets. (2) Confirm that pasted data contains no account keys, service-account JSON, or long-lived tokens; the SKILL.md itself warns to confirm this. (3) Treat generated 'gcloud' commands as recommendations: review them carefully and run them only with an account that has appropriate billing/commitment authority. (4) If you cannot produce exported data, provide conservative workload descriptions and cost estimates instead; the quality of recommendations depends on the accuracy and completeness of the input data.
Review Dimensions
- Purpose & Capability (ok): Name/description (GCP CUD advisor) matches the instructions: the skill asks for billing, compute, and BigQuery export data and explains required read-only IAM roles. Nothing in the SKILL.md requests unrelated services or credentials.
- Instruction Scope (note): The SKILL.md instructs the user to provide outputs of gcloud and BigQuery queries (or to describe workloads). It explicitly states it will not run GCP CLI commands or request credentials. Small inconsistency: the file header lists 'tools: claude, bash', which could imply command execution, but the body clarifies it is instruction-only. Users should avoid pasting any outputs that contain sensitive identifiers/credentials and sanitize exported data before sharing.
- Install Mechanism (ok): No install spec and no code files; this is an instruction-only skill, so nothing will be downloaded or installed on the host.
- Credentials (ok): The skill declares no required environment variables, no credentials, and no config paths. It requests only exported read-only data or user-provided CLI output, which is proportional to the stated function.
- Persistence & Privilege (ok): The skill is not always-on (always:false) and uses the platform's normal autonomous invocation settings. It does not request persistent system privileges or modify other skills/configs.
