Skillv0.1.1

ClawScan security

Submit Work · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignMar 2, 2026, 5:42 PM

Verdict: benign
Confidence: medium
Model: gpt-5-mini
Summary: The skill's instructions, required commands, and scope align with its stated purpose (upload files and submit task results to OpenAnt); nothing requested appears unrelated, though the SKILL.md is truncated in one place and npx execution should be acknowledged as a runtime download/execute risk.
Guidance: This skill appears coherent for submitting work to OpenAnt, but please consider the following before installing or using it: - Confirm you trust the npm package '@openant-ai/cli' because the SKILL.md runs it via 'npx' (npx will download and execute code from the npm registry at runtime). - Ensure the agent has the correct OpenAnt account and the correct taskId from the conversation context before submitting. - Always run the 'status' command first to confirm authentication, and inspect upload responses to capture the 'key' value (use --media-key, not publicUrl). - Be cautious about automatic submissions: the SKILL.md's 'Autonomy' section is truncated and may imply 'execute immediately' — require a manual confirmation step if you do not want the agent to submit without final human approval. - Do not include secrets in uploaded files or submission text. If you need more assurance, request the full (non-truncated) SKILL.md or verify the CLI source repository before proceeding.

Review Dimensions

Purpose & Capability: okThe name/description match the actions the SKILL.md instructs: using the @openant-ai CLI to check auth, upload files, and submit tasks. There are no unrelated required env vars, binaries, or config paths.
Instruction Scope: noteInstructions focus on identifying produced files, authenticating, uploading with the CLI, and submitting with text/media-key/proof-url — all within the expected scope. The SKILL.md is truncated at the end of the 'Autonomy' section, which leaves ambiguous whether the skill encourages automatic immediate submission without an explicit final user confirmation; that could increase risk of unintended submissions if the agent acts autonomously.
Install Mechanism: noteThis is instruction-only (no install spec), which is low-risk. However, the allowed tools and examples rely on 'npx @openant-ai/cli@latest' which will fetch and execute code from the npm registry at runtime — expected for a CLI but is a runtime code-download/execution consideration the user should be aware of.
Credentials: okThe skill declares no environment variables, no credentials, and no config paths. It defers authentication to an 'authenticate-openant' skill and checks auth via 'npx ... status', which is proportionate to submitting work.
Persistence & Privilege: okalways:false and disable-model-invocation:false (normal). The skill does not request permanent presence or system-wide configuration changes. The only minor concern is the truncated autonomy wording which could imply an instruction to auto-execute routine submissions; this is not the same as persistent/always-enabled behavior but is worth noting.