Skillv2.0.1

ClawScan security

Container Desktop · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignMar 18, 2026, 10:39 AM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: The skill is internally consistent and appears to be a lightweight, local Bash-based project scaffolding helper that only writes logs to a per-user data directory; there are minor documentation/name mismatches but no signs of credential access, network exfiltration, or suspicious installs.
Guidance: This skill is a small, local Bash-based CLI that writes logs to a per-user data directory (by default ~/.local/share/container-desktop/). It does not request credentials or make network calls. Before installing or running: (1) be aware it will create and append to history.log in that directory (you can override with CONTAINER_DESKTOP_DIR); (2) note the implementation is mostly stubs — it will not perform real builds/deploys as advertised; (3) review the scripts if you plan to run them in sensitive environments or as root (run as an unprivileged user instead). If you expect a full Podman Desktop or TypeScript tool, verify upstream source or a different package that matches that capability.

Review Dimensions

Purpose & Capability: noteThe README/description advertises Podman Desktop and TypeScript, but the shipped implementation is two small Bash scripts. The scripts implement only simple CLI stubs (echo + local logging) rather than full build/test/deploy functionality. This is likely a lightweight wrapper/stub rather than a full TypeScript application — the mismatch is a quality/documentation issue, not a security problem.
Instruction Scope: okSKILL.md instructs the agent to run commands like init/check/build/test; the provided script (scripts/script.sh) maps those commands to functions that only echo messages and append timestamped entries to $DATA_DIR/history.log. The runtime instructions and implementation operate entirely on local files and do not read unrelated system files, credentials, or contact external endpoints.
Install Mechanism: okThere is no install spec and no downloads. The skill ships small Bash scripts only — nothing is written to arbitrary system locations and no external packages are pulled during install.
Credentials: okThe skill declares no required environment variables or credentials. At runtime the scripts respect CONTAINER_DESKTOP_DIR (optional), XDG_DATA_HOME, and HOME to determine a local data directory; no secrets or unrelated credentials are requested or read.
Persistence & Privilege: okalways is false and the skill does not attempt to modify other skills or system-wide agent settings. It only creates and writes files under the per-user data directory (~/.local/share/container-desktop by default).