Back to skill
Skillv2.0.3
ClawScan security
Container Analyzer · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMay 1, 2026, 7:38 AM
- Verdict
- Benign
- Confidence
- high
- Model
- gpt-5.5
- Summary
- This skill appears to be a static reference guide that only prints container-related documentation and does not request credentials, network access, or system changes.
- Guidance
- This looks safe to install as a reference-only skill. As with any skill, use it for documentation lookup rather than treating its generic setup or migration text as commands to execute without your own review.
Review Dimensions
- Purpose & Capability
- okThe stated purpose is a devtools reference lookup, and the included script only outputs static plain-text reference sections for commands such as intro, quickstart, security, and cheatsheet.
- Instruction Scope
- okThe command set is narrow and documentation-focused; there are no instructions to override user intent, run hidden workflows, or take autonomous actions.
- Install Mechanism
- okThere is no install spec, no declared dependency installation, and the visible shell script contains only heredoc documentation output.
- Credentials
- okNo required binaries, environment variables, credentials, config paths, network calls, file reads, or file writes are evidenced in the artifacts.
- Persistence & Privilege
- okThe artifacts do not show persistence, background workers, credential use, privilege escalation, memory storage, or modification of user or account data.