Skillv1.0.0

ClawScan security

Expanso language-detect · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignFeb 11, 2026, 9:43 AM

Verdict: benign
Confidence: medium
Model: gpt-5-mini
Summary: This is an instruction-only Expanso pipeline for language detection that generally matches its stated purpose, but there are a few packaging/information inconsistencies you should be aware of before installing.
Guidance: What to check before installing: - You must have expanso-edge installed and on PATH; the SKILL.md requires this even though the registry metadata omitted it. Install via the expanso/ClawHub instructions in the README if you plan to run pipelines locally. - The pipelines use OpenAI (gpt-4o-mini) and require OPENAI_API_KEY; set a key before running. skill.yaml marks the key optional but the pipeline will not work without it — treat this as a packaging/documentation bug. - The MCP pipeline binds to 0.0.0.0:${PORT:-8080} and exposes POST /detect. If you run the MCP server, ensure you understand the network exposure (firewall, allowed clients) because any text you send will be forwarded to OpenAI for processing. - The skill sends user text to OpenAI—do not send sensitive or private data unless you are comfortable with that data going to your OpenAI account. Review your OpenAI account/config and rate/usage limits. - skill.yaml mentions a local Ollama backend (llama3.2) but the provided pipeline YAMLs call only the OpenAI processor; if you need an offline/local option, validate and test that separately. - The package has no homepage and a single owner id (unknown). That is not an active red flag by itself, but if you have a security policy about provenance, consider verifying the source or testing in a sandbox first. Overall: the skill appears to do what it claims (language detection) with no hidden data exfiltration in the provided files. The primary issues are documentation/packaging inconsistencies and the usual privacy consideration that text is sent to OpenAI.

Review Dimensions

Purpose & Capability: noteThe skill's files (pipeline-cli.yaml, pipeline-mcp.yaml, skill.yaml, README) all implement language detection via OpenAI and Expanso; that is coherent with the skill name. However, the registry metadata reported no required binaries or env vars while the SKILL.md and pipelines explicitly require the expanso-edge binary and reference OPENAI_API_KEY. This mismatch is a packaging/documentation inconsistency.
Instruction Scope: noteRuntime instructions are limited to running Expanso pipelines (CLI or MCP) and deploying to Expanso Cloud. The MCP pipeline runs an HTTP server (0.0.0.0:${PORT:-8080}) exposing POST /detect, which is expected for a service pipeline but important to note because it binds to all interfaces. The pipelines only send provided text to OpenAI for completion and expect a JSON response — they do not attempt to read unrelated files, system state, or other credentials.
Install Mechanism: okThere is no install spec and no code files (instruction-only), so nothing is downloaded or written to disk beyond the user's invocation of expanso-edge. This is the lowest-risk install pattern.
Credentials: concernThe pipelines require OPENAI_API_KEY (used directly in openai_chat_completion). The top-level registry metadata lists no required env vars and skill.yaml marks OPENAI_API_KEY as optional (required: false). That mismatch could confuse users — in practice you need an OpenAI key to run the pipelines. No other unrelated secrets are requested.
Persistence & Privilege: okThe skill does not request always:true, does not modify other skills or system settings, and is user-invocable. It can run an HTTP server when started (expected for MCP), but otherwise requests no persistent privileges.