Skill v4.0.1

ClawScan security

Policy Reader · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign
Mar 24, 2026, 12:48 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's code and instructions are consistent with a read-only reference tool: it prints local documentation text, requires no credentials or network access, and contains no unexpected behavior.
Guidance
This skill appears to be a safe, self-contained reference tool that prints documentation; it does not require credentials or network access. Before installing, consider: (1) review the script contents (already provided) if you will run it in a sensitive environment; (2) note the trivial version string mismatch and a heredoc expansion bug ($VERSION won’t show in help) — these are correctness issues, not security problems; and (3) as a general precaution, only enable/run skills from sources you trust and avoid executing code with elevated privileges unless necessary.

Review Dimensions

Purpose & Capability
ok
Name/description describe a reference/documentation tool and the included script implements only text output for the listed commands. There are no unrelated requested binaries, env vars, or config paths. Minor bookkeeping mismatches exist (script VERSION is 4.0.0 while registry metadata is 4.0.1), but this is not a security concern.
Instruction Scope
ok
SKILL.md instructs plain-text heredoc output with no external API calls; the shipped script only uses shell builtin/cat/echo to print documentation and does not read files, environment variables, or perform network operations. (Small implementation quirk: some heredocs are single-quoted so $VERSION won't expand in help text — a bug, not malicious behavior.)
Install Mechanism
ok
No install spec is provided (instruction-only style). A single helper script is included but nothing is downloaded or written to arbitrary paths during installation, so install risk is low.
Credentials
ok
The skill declares no required environment variables or credentials and the script does not access environment secrets or config paths. Requested privileges and access are proportionate to a local reference tool.
Persistence & Privilege
ok
Skill is not marked always:true, uses default agent invocation settings, and does not modify other skills or system-wide configuration. It does not request persistent presence beyond being callable by the agent.