v1.0.0

Service Dependency Mapper

Benign

ClawScan verdict for this skill. Analyzed May 1, 2026, 12:49 PM.

Analysis

This instruction-only skill is aligned with read-only service dependency mapping, but it may surface internal service, cluster, and connection details when its example commands are run.

Guidance: This looks safe to install as an instruction-only dependency-mapping helper. Before use, make sure the agent is pointed at the intended repository and cluster, use read-only/least-privileged credentials, and redact secrets or private infrastructure details from outputs. The provided artifacts do not justify granting unrelated purchasing, crypto, or mutation permissions.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Low. Confidence: High. Status: Note.
SKILL.md
rg "https?://[a-z][-a-z0-9]*(\.[a-z][-a-z0-9]*)*[:/]" ...; kubectl get services -A -o json | python3 -c

The skill documents shell commands for repository and cluster discovery. This is expected for dependency mapping, but it is still tool execution that should be user-approved and run in the correct environment.

User impact: Running the examples in the wrong directory or cluster could expose irrelevant or sensitive internal service information to the agent session.
Recommendation: Confirm the working directory and cluster context before running commands, and review outputs before sharing or saving generated maps.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium. Confidence: High. Status: Note.
SKILL.md
kubectl get services -A -o json ...; istioctl proxy-config cluster <pod-name>

These runtime discovery examples use the user's existing Kubernetes and service-mesh access, including all namespaces for services. That access is purpose-aligned but can cover broad production infrastructure.

User impact: If run with a privileged kubeconfig, the skill can reveal cluster-wide service topology and mesh routing information in the conversation.
Recommendation: Use a least-privileged, read-only Kubernetes context and avoid running against production clusters unless you intend to analyze that environment.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
Severity: Medium. Confidence: High. Status: Note.
SKILL.md
rg "DATABASE_URL|REDIS_URL|MONGO_URI|POSTGRES_|MYSQL_|AMQP_URL|KAFKA_BROKER"

The static discovery command may print connection configuration lines, which can include secrets, internal hosts, or broker addresses. The artifact does not show persistence or exfiltration, but this data may enter the agent context.

User impact: Connection strings or internal endpoint names could be included in generated summaries, diagrams, or chat history if not redacted.
Recommendation: Redact passwords, tokens, and private endpoints from command output before storing, sharing, or publishing dependency maps.