Skill v1.0.0

ClawScan security

Money Maker Hand · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 2, 2026, 3:49 PM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill's declared goal (finding and reporting on money-making opportunities) matches the instructions and required footprint: it's an instruction-only assistant that reads/writes local state and performs multi‑platform research, and it requests no external credentials or installs.
Guidance
This is an instruction-only assistant that will read/write a local state file (income_database.json) and perform multi-platform research (public pages or via whatever browsing/scraping tool your agent has). It does not request environment variables or install code, which reduces direct risk. Before using: (1) confirm where income_database.json will be stored and whether that location is acceptable for storing financial data; (2) do not paste platform credentials into the skill unless you trust the owner—if the agent asks for logins, prefer using platform APIs with scoped tokens or perform research manually; (3) be aware it may collect public data from third-party sites—check those sites' terms of service if you plan automated scraping; (4) because the skill lacks a homepage or known owner, consider running it in a limited/isolated environment until you’re comfortable with its behavior.

Review Dimensions

Purpose & Capability
ok: The name/description (autonomous money-making assistant) aligns with the SKILL.md: phases cover discovery, evaluation, competitor analysis, reporting, and state persistence. All declared capabilities are coherent with that purpose.
Instruction Scope
note: The instructions ask the agent to read/write a local file (income_database.json), use memory_store/recall, load historical reports, and perform multi-platform research (Zhihu, Xiaohongshu, Upwork, ClawHub). This is consistent with the purpose but broad: it implies web scraping/browsing across external sites and persistent local storage. The skill does not provide details about how web access is performed (authenticated vs. public), nor does it specify rate-limiting or TOS compliance—these are operational concerns the user should be aware of.
Install Mechanism
ok: There is no install spec and no code files; it's a prompt-only skill. This minimizes disk writes and third-party package risk.
Credentials
note: The skill requests no environment variables or credentials, which is proportionate. However, many of the targeted platforms (Upwork, some content platforms) may require logins for full access; the skill doesn't request them explicitly, so it may either operate only on public data or prompt for credentials at runtime. Be cautious about supplying platform credentials.
Persistence & Privilege
ok: "always" is false and autonomous invocation is allowed (default). The skill instructs the agent to persist state to income_database.json and memory_store, which is appropriate for its tracking purpose and does not imply elevated system privileges or modification of other skills' configs.