Back to skill
Skillv2.0.2
ClawScan security
Shell Ai · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMay 1, 2026, 7:40 AM
- Verdict
- Benign
- Confidence
- high
- Model
- gpt-5.5
- Summary
- This skill appears to be a simple reference/documentation tool that prints local help text and does not request credentials, network access, persistence, or broad system authority.
- Guidance
- This appears safe to install as a local documentation/reference skill. The only practical caveat is that its content is generic guidance rather than an integration with a real Shell AI service.
Review Dimensions
- Purpose & Capability
- okThe stated purpose is a Shell AI/devtools reference tool, and the provided script only prints reference sections such as intro, quickstart, security, and cheatsheet.
- Instruction Scope
- okThe instructions are limited to command-style documentation lookup and do not direct the agent to perform account changes, execute arbitrary commands, or override user intent.
- Install Mechanism
- okNo install spec, package install, remote script, or dependency installation behavior is declared. The included shell script is local and consists of static heredoc output.
- Credentials
- okNo required binaries, environment variables, credentials, config paths, network access, or OS-specific privileges are requested.
- Persistence & Privilege
- okArtifacts show no persistence mechanism, background execution, credential storage, file mutation, or privilege escalation.