Skill v3.0.0

ClawScan security

Schema Builder · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 19, 2026, 2:23 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's files and runtime instructions are coherent with a local schema-generation tool: it generates SQL/ERD/migration/seed text and stores data under the user's home directory; it does not request credentials, install external code, or contact external endpoints.
Guidance
This skill appears to be a local schema-generation utility and is internally consistent with its description. Before installing or permitting autonomous execution: 1) note that there are two scripts, script.sh (documented) and schema.sh (undocumented commands), both of which generate text only and do not contact external servers; 2) the tool will create ~/.local/share/schema-builder for its outputs; 3) the shell scripts have minor quoting bugs (harmless but could produce incorrect output), so run them in an isolated environment (or inspect/patch them) if you plan to run on production systems; and 4) because the skill can be invoked autonomously by the agent, restrict autonomous execution if you are uncomfortable with any code running locally without supervision.

Review Dimensions

Purpose & Capability
note: The declared purpose (database schema building) matches the included scripts: both scripts/schema.sh and scripts/script.sh produce schema designs, SQL, migrations, seeds and ER diagrams. Minor inconsistency: SKILL.md documents commands that call scripts/script.sh, while scripts/schema.sh contains additional commands (design, sql, migrate, seed, erd, etc.) that are not listed in SKILL.md. All functionality is still within the domain of schema generation.
Instruction Scope
note: SKILL.md instructs running scripts/script.sh and states data is stored in ~/.local/share/schema-builder. The scripts only create that directory and print generated SQL/text; they do not read other system configuration or send data externally. Small issues: scripts/script.sh uses some unquoted shell variables (e.g., [ -f $2 ]) and echoes literal $2/$3 in single quotes (likely a bug), which are operational bugs but not secret-exfiltration behavior.
Install Mechanism
ok: No install spec is present (instruction-only plus included scripts). No downloads, package installs, or archive extraction are performed by the skill bundle.
Credentials
ok: The skill declares no required environment variables or credentials. The scripts use $HOME to create a local data directory (~/.local/share/schema-builder), which is proportional and expected for a local CLI-style tool.
Persistence & Privilege
ok: always is false and the skill does not request elevated or persistent platform privileges. It only creates a directory within the user's home for storing its outputs; it does not modify other skills or system-wide config.