Skill v3.0.0

ClawScan security

Medication Reminder · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 19, 2026, 12:11 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill is internally consistent with its stated purpose (a simple local medication tracker) and contains no network calls, credential requests, or surprising installs; it does have minor implementation bugs and local-privacy considerations to be aware of.
Guidance
This skill appears to be a simple, local medication tracker and is coherent with its description. Before installing, review and consider: (1) Privacy — it stores health data in plaintext at ~/.local/share/medication-reminder; if that is sensitive, run it in a restricted account, encrypt the directory, or modify the script to use encrypted storage. (2) Minor bugs and robustness — the script uses unquoted variable expansions when building JSON and when redirecting, which can break with unusual medication names (spaces, quotes) and may produce malformed JSON; it also prints literal 'Added $2' messages due to quoting. If you plan to use it long-term, consider hardening: quote expansions, validate/sanitize inputs, use a JSON library (jq) or printf to build safe JSON, and add error handling for concurrent writes. (3) Run in a sandbox or inspect the script locally before invoking, as with any third-party script. No network/credential exfiltration was observed.

Review Dimensions

Purpose & Capability
ok: Name/description match the provided files and runtime instructions. The script implements add/list/take/history/schedule/due and stores data under ~/.local/share/medication-reminder — this is coherent for a local medication tracker. No unrelated credentials, binaries, or cloud services are requested.
Instruction Scope
note: SKILL.md instructs the agent to run the included shell script only; it references only the local data directory. There are no instructions to access system-wide secrets or external endpoints. Note: the skill stores potentially sensitive health data on disk in plaintext under the user's home directory — that is a privacy consideration (not a hidden behavior).
Install Mechanism
ok: No install spec; this is instruction-only with a bundled script. Nothing is downloaded or written to unexpected system locations beyond the declared ~/.local/share/medication-reminder data dir.
Credentials
ok: The skill requests no environment variables or credentials. It uses $HOME for a local data directory, which is reasonable and proportionate for a local tracker.
Persistence & Privilege
ok: always is false and model invocation is standard; the skill does not modify other skills or system-wide config. It only creates its own data directory and files under the user's home.