Skill v2.0.1
ClawScan security
Movie Review · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 18, 2026, 10:47 AM
- Verdict: benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill is a self-contained CLI content tool that stores review text locally; its declared behavior matches the included shell script and it does not request credentials or remote installs.
- Guidance: This skill is a local CLI that saves all entries in plaintext under ~/.local/share/movie-review/. Before installing or running it: (1) review the full script to confirm no unexpected remote calls (the provided script appears local-only); (2) be aware any drafted text you save is stored unencrypted and could include sensitive info; change DATA_DIR or restrict permissions if needed; (3) if you want tighter containment, run the script in a sandbox/container or symlink DATA_DIR to a controlled location; (4) verify the truncated portion of the script (if any) contains no network or credential access before trusting it fully.
Review Dimensions
- Purpose & Capability (ok): Name/description (movie reviews, recommendations, watchlists, local storage) align with what the skill implements: a Bash script that provides CLI commands and writes logs to ~/.local/share/movie-review. There are no unexpected external services, binaries, or credentials required.
- Instruction Scope (note): Runtime instructions and the script operate on local data files only (create/read/write ~/.local/share/movie-review/*.log, history.log, export files). This matches the stated purpose. Note: stored entries are written in plaintext under the user's home directory and may contain sensitive content if you save it; the SKILL.md and script instruct the agent/user to persist content locally.
- Install Mechanism (ok): No install spec or network downloads are present. The skill is instruction-only with an included shell script; it does not pull code from remote URLs or package registries.
- Credentials (ok): The skill declares no required environment variables, credentials, or config paths and the script does not attempt to read secrets or unrelated config. Requested filesystem access (user HOME/.local/share) is proportionate to providing local persistent storage.
- Persistence & Privilege (ok): always:false and user-invocable:true (default); the skill does not auto-install or demand permanent platform-wide privileges. It only creates and manages files within its own data directory and does not modify other skills or global agent configuration.
