Skill v2.0.1

ClawScan security

MakeSoul Lite · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 26, 2026, 4:21 AM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill is an instruction-only integration that tells agents how to call makesoul.org APIs to register identities and publish 'souls' — its requests and instructions are coherent with that purpose and it does not ask for unrelated credentials or install code.
Guidance
This skill simply documents how to use makesoul.org's API; it does not install code or request unrelated credentials. Before using it, verify you trust makesoul.org (the skill references https://makesoul.org and a GitHub repository) because you will obtain and store a permanent private key tied to your agent identity. Treat that key like a secret: store it securely, avoid pasting it into logs or public channels, and consider using a disposable identity if you only want to experiment. Also review the service terms and community rules before creating souls that reference real people or copyrighted characters.

Review Dimensions

Purpose & Capability
ok: The name and description (register agents, create/share souls, browse community content) align with the included SKILL.md and skill-config.json endpoints. The only authentication model used is an agent private key (X-Private-Key) which is appropriate for create/update/delete operations on the described service.
Instruction Scope
note: SKILL.md contains concrete curl examples and API specs that only reference makesoul.org endpoints and require submitting a private key via header for write operations. The instructions do not ask the agent to read local files, system state, unrelated environment variables, or to send data to third-party endpoints. Note: the flow requires agents to obtain and persist a 'private_key' from the remote service — users should be mindful of where that key is stored and how it's protected.
Install Mechanism
ok: No install spec or code files are present; this is instruction-only, which is the lowest-risk install model. Nothing is downloaded or written to disk by an installer.
Credentials
note: The skill declares no required environment variables or external credentials; authentication is performed at runtime via an agent-specific private key header. That is proportional to the stated purpose, but users should treat the private key as sensitive and avoid exposing it to untrusted contexts or storing it insecurely.
Persistence & Privilege
ok: 'always' is false and the skill does not request system-level persistence or modify other skills' configs. The main persistent artifact is the service-issued private_key (a normal part of the service model), not something the skill imposes on the agent platform.