Skill v1.0.0

ClawScan security

Paste Rs · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign
Feb 11, 2026, 9:09 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill does what it says — it uploads text to paste.rs using a bundled Python script — but it saves a local .md file and uses heuristic redaction that can miss secrets, so avoid pasting sensitive data and consider cleaning up saved files.
Guidance
This skill appears to do exactly what it claims: upload text to paste.rs. Before installing or using it, keep in mind: (1) Pasted content is public — do not paste secrets, personal data, or sensitive configs. (2) The bundled script saves a .md file to disk (default /tmp) and does not delete it — if your pasted content contains secrets (or redaction failed) that file may remain on disk. Consider changing --outdir to a secure location or deleting the file after upload. (3) Redaction is heuristic and imperfect; do not rely on it to guarantee secret removal. (4) If you need to paste sensitive material, prefer a different, authenticated secure store or avoid uploading entirely. Otherwise this skill is coherent and low-risk.

Review Dimensions

Purpose & Capability
ok
The name/description match the included script and docs: the bundled script posts raw text to https://paste.rs and returns the paste URL. The SKILL.md explicitly documents the behavior (including local file saving). No unrelated services, binaries, or credentials are requested.
Instruction Scope
note
Runtime instructions and the script stay within scope: they accept stdin/--file/--text, optionally redact common secret patterns, write a local .md file, then POST it to paste.rs. This is expected for a paste uploader, but noteworthy: the script always saves the content to disk (default /tmp) and prints the saved path to stderr. That local file is not removed by the script, which could retain sensitive data if redaction misses something.
Install Mechanism
ok
No install spec — instruction-only skill with a bundled Python script. Nothing is downloaded or extracted at install time, and no external packages are installed by the skill.
Credentials
ok
No environment variables, credentials, or config paths are requested. Network access is limited to the documented endpoint (https://paste.rs).
Persistence & Privilege
note
"always" is false and the skill is user-invocable. Autonomous invocation by the agent is allowed (platform default), so the agent could call this skill when it deems appropriate; combine that with the public nature of paste.rs and the script's file writes when considering automated use.