Skill v1.0.0

ClawScan security

Key Vault Auditor · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 4, 2026, 11:04 AM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill is instruction-only, and the inputs it requests and the behavior it describes align with an Azure Key Vault audit workflow. It does not request credentials or install code, but users must avoid pasting sensitive secret values when supplying CLI output.
Guidance
This skill appears coherent and low-risk because it only asks you to provide exported az CLI output (read-only). Before using it: (1) run the az commands locally in your own environment, redact or remove any secret values or connection strings before pasting the output, and prefer sharing only the minimal JSON objects needed (vault properties, accessPolicies, role assignments, secret metadata). (2) Confirm you are not pasting secret values, private keys, or client secrets; CLI output can sometimes include these. (3) Where possible, share redacted samples or summaries (e.g., counts, boolean flags, principal names) instead of raw dumps. (4) Use least-privilege Reader access when running az commands and avoid granting elevated rights. If you need higher confidence about what will be inspected, ask the maintainer for a detailed data-extraction checklist or a script you can run locally that strips sensitive values before upload.

Review Dimensions

Purpose & Capability
ok · The name and description (Key Vault auditing) match the runtime instructions: the skill asks users to provide az CLI outputs and inspects vault configuration, access policies, and secret hygiene. It does not request unrelated credentials or services.
Instruction Scope
note · SKILL.md explicitly states that the skill is instruction-only and will not run the az CLI itself, and it tells the user which CLI outputs to paste. Minor inconsistency: the front-matter lists 'bash' as a tool, which could imply execution, but the body clarifies that nothing is executed directly. The instructions appropriately avoid asking for credentials and warn users to confirm that no secrets are included; still, this relies on the user redacting sensitive values before pasting.
Install Mechanism
ok · No install specification or code is included (instruction-only), so nothing is written to disk or downloaded.
Credentials
ok · No environment variables, credentials, or config paths are required. The SKILL.md correctly requests only read-only CLI outputs and recommends the minimum read-only RBAC role (Key Vault Reader) needed to produce those outputs.
Persistence & Privilege
ok · The skill is not marked always:true, does not request persistent presence, and does not modify agent or system configurations. Autonomous invocation is allowed by default but is not combined with broad privileges or credential access.