Skill v1.0.0

ClawScan security

Expanso json-to-yaml · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 11, 2026, 9:43 AM
Verdict: Benign
Confidence: high
Model: gpt-5-mini
Summary
The skill's files and runtime instructions match its stated purpose (convert JSON to YAML); it requests no credentials or unusual installs and is internally consistent.
Guidance
This skill is coherent and minimal: it converts JSON to YAML and requires expanso-edge to run the provided pipelines. Before using it, decide whether you will run it locally or deploy to the cloud: running the MCP pipeline will open an HTTP server on 0.0.0.0 (default port 8080) — ensure appropriate firewalling or bind to a safer interface/port if you don't want it publicly reachable. If you deploy the job to Expanso Cloud, your input JSON will be sent to a remote service — do not send sensitive data unless you trust the deployment target. Finally, install expanso-edge from a trusted source (verify the binary origin) before running the pipelines.

Review Dimensions

Purpose & Capability
ok: Name, SKILL.md, and included pipeline YAML files all implement a JSON→YAML conversion for CLI and MCP modes. Required tooling (expanso-edge) is consistent with the pipelines; nothing unrelated is requested.
Instruction Scope
note: Runtime instructions are focused on conversion and reference only the provided pipeline files. The MCP pipeline will start an HTTP server bound to 0.0.0.0:${PORT:-8080} and expose /convert (POST) — this is expected for a server mode but may expose the service to the network if run without firewalling. The SKILL.md also suggests deploying the pipeline to Expanso Cloud, which would send user input to a remote service; users should consider data sensitivity before deploying.
Install Mechanism
ok: No install spec or third-party downloads are included in the skill bundle (instruction-only). The only external dependency is the expanso-edge binary, which is noted in SKILL.md — this is proportional and transparent.
Credentials
ok: The skill declares no environment variables, credentials, or config paths. The pipelines use only input content and create metadata (trace_id, timestamp) locally. No extraneous secrets are requested.
Persistence & Privilege
ok: The skill does not request persistent presence (always:false), does not modify other skills or system-wide configs, and contains no installation steps that write back credentials or change agent settings.