Skillv2.0.5

ClawScan security

Caption · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

BenignMar 24, 2026, 1:12 AM

Verdict: Benign
Confidence: high
Model: gpt-5-mini
Summary: The skill is internally coherent: it provides local reference text, requires no credentials or network access, and the included script simply prints documentation—nothing appears disproportionate or malicious.
Guidance: This skill appears safe: it contains only a local shell script that prints reference text and requires no network, credentials, or installs. If you want extra caution, review scripts/script.sh yourself (it's short and readable) or run the skill in a sandboxed agent. Note: small version-number inconsistencies (script VERSION=2.0.3, SKILL.md says 2.0.4, registry 2.0.5) are likely bookkeeping issues rather than security problems, but you may want to confirm you have the intended release from the listed source URL before trusting it in production.

Purpose & Capability: okName/description (a local reference for Caption) match the provided artifacts. The script and SKILL.md both produce static reference text; no unrelated capabilities or credentials are requested.
Instruction Scope: okSKILL.md says all commands output plain-text via heredoc and require no network access; the included scripts/script.sh implements only printing functions and a simple CLI dispatcher. The instructions do not read environment variables, system files, or send data externally.
Install Mechanism: okThere is no install specification (instruction-only). A script file is bundled but no remote downloads, package installs, or extraction steps are present.
Credentials: okNo environment variables, credentials, or config paths are required and the code does not access them. No secrets are requested or used.
Persistence & Privilege: okSkill is not forced-always, is user-invocable, and does not attempt to modify other skills or global agent configuration. It does not request elevated or persistent privileges.