Skill v1.0.0

ClawScan security

Celery Task Analyzer · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 30, 2026, 2:48 AM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill's requirements and instructions are internally consistent with an auditor that reads Celery project files and reports best-practice issues — it asks for no unrelated credentials, installs, or persistent privileges.
Guidance
This skill is coherent for auditing Celery code: it will read whatever project path you point it at and produce a best-practices report. Before running it, (1) avoid pointing it at system or secrets-containing directories; (2) consider running it against a sanitized copy of your repo so private keys, credentials, or PII are not included in the analysis; and (3) if you're concerned about the agent sending code off-platform, review platform privacy settings or disable autonomous invocation for this skill.

Review Dimensions

Purpose & Capability
ok: Name/description match the runtime instructions: the SKILL.md instructs the agent to locate and parse Celery app code, task decorators, retry policies, routing, beat schedules, and worker config. No unrelated binaries, services, or credentials are requested.
Instruction Scope
note: Instructions explicitly tell the agent to grep and parse Python files under a user-specified project path (e.g., /path/to/app). This is appropriate for a static audit, but it means the agent will read source code and configuration files provided in that path — including any secrets present there — and send their contents to the model for analysis unless the host platform prevents that.
Install Mechanism
ok: No install spec or code files are present (instruction-only). Nothing will be downloaded or written to disk by the skill itself.
Credentials
ok: No environment variables, credentials, or config paths are requested. The skill does not ask for cloud keys or unrelated secrets.
Persistence & Privilege
ok: always is false and there is no install or self-modifying behavior. The skill does not request persistent presence or elevated agent-wide privileges.