Skill v3.4.0
ClawScan security
Localsend · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 20, 2026, 6:16 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's requirements and runtime instructions match a local-network file-transfer tool (Localsend); nothing requested is disproportionate to that purpose.
- Guidance: This skill appears to do what it claims: discover local devices and send/receive files. Before installing/using it, verify the localsend-cli binary you install (prefer official releases, check checksum/signature) rather than blindly running curl|sh. Be aware the agent will run local commands (stat/ls) and will transmit any file you supply to the selected local device — do not send sensitive files unless you trust the recipient and the local network. The protocol notes that devices use self-signed TLS certs and skip verification; this is common for LAN tools but makes MITM possible on untrusted networks, so avoid using it on public or hostile networks.
Review Dimensions
- Purpose & Capability (ok): Name/description, required binaries (localsend-cli, openssl), and the actions described (device discovery, prepare/upload flows) are coherent: a LocalSend client legitimately needs a CLI and TLS support.
- Instruction Scope (note): SKILL.md tells the agent to run localsend-cli discover/prepare/upload and to call local shell commands (stat/ls -lh) to measure file size. It also instructs the agent to accept files/paths from the user and immediately send them (do not comment on file contents). These behaviors are expected for a file-transfer skill, but they mean the agent will access local files and send them on the local network — users should be aware that any file they provide will be transmitted as-is.
- Install Mechanism (note): The skill is instruction-only (no install spec executed automatically), which is low-risk. However the README suggests installing localsend-cli via a curl from a raw GitHub URL; fetching and running scripts from raw URLs is a common pattern but carries supply-chain risk. Prefer installing from an official release/archive or verifying checksums/signatures.
- Credentials (ok): No environment variables or unrelated credentials are requested. The skill does not ask for unrelated tokens or system config paths.
- Persistence & Privilege (ok): Skill does not request always:true, does not modify other skills, and has no install-time persistence specified. It operates only when invoked.
