Skill v2.3.4

ClawScan security

Shell Script · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 17, 2026, 6:55 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's files, instructions, and included scripts are consistent with a Shell/Bash helper: nothing requests unrelated credentials or installs arbitrary remote code, but some included scripts (setup/deploy) perform privileged or network operations when executed and should be reviewed before they are run.
Guidance
This skill appears to be what it says: a shell/Bash helper with script templates, a linter, and generators. Before using it:
(1) Inspect the generated scripts, especially setup.sh and the deploy scripts. They make system-level changes (apt, ufw, sshd config, swap, rsync/ssh) and should only be run on systems you control.
(2) Do not run setup scripts as root on production systems without reviewing them first.
(3) The deploy script assumes SSH access and will use your rsync/ssh credentials; confirm the target host and user are correct before running it.
(4) Commented-out webhook examples exist; confirm no hard-coded secrets are present (a real webhook URL is a secret whether or not the line is commented out).
If you want additional assurance, request the upstream source (repo/author) or run the scripts in a safe test environment first.
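One way to carry out steps (1) and (4) before running anything: the audit script below is an added example, not ClawHub's, ClawScan's or the skill's own code. It greps each shipped script for the operation classes the guidance names (package install, ufw, sshd_config, swap, rsync/ssh, curl piped to a shell, sudo) and for secret-looking strings, comments included. The two sample scripts it audits are constructed for the demo and modelled on the guidance; they are not the skill's files, and the function and label names are this example's own.

```sh
#!/bin/sh
# audit_skill_scripts.sh: pre-flight review of shell scripts shipped with a skill.
# Added example; not part of ClawHub, ClawScan or the skill under review. It flags
# the operation classes the scanner guidance calls out and any secret-looking
# strings (comments included) so a reviewer knows which lines to read first.

# Operation classes, one "label pattern" per line. Patterns use [[:space:]]
# rather than literal spaces so `read label pattern` splits them cleanly.
op_patterns() {
  printf '%s\n' \
    'package-install (apt-get|apt|yum|dnf|apk)[[:space:]]+(install|upgrade|update)' \
    'firewall (^|[[:space:]])ufw[[:space:]]' \
    'sshd-config sshd_config' \
    'swap (swapon|mkswap|fallocate[^#]*swap)' \
    'remote-sync (^|[[:space:]])rsync[[:space:]]' \
    'remote-exec (^|[[:space:]])ssh[[:space:]]' \
    'pipe-to-shell (curl|wget)[^|]*[|][[:space:]]*(sudo[[:space:]]+)?(ba)?sh' \
    'privilege (^|[^[:alnum:]_])sudo[[:space:]]'
}

# Secret-looking strings, matched case-insensitively and inside comments too:
# a commented-out webhook URL is still a live credential if it is real.
secret_patterns() {
  printf '%s\n' \
    'hooks\.slack\.com/services/' \
    'discord(app)?\.com/api/webhooks/' \
    "(api[_-]?key|token|secret|password)[[:space:]]*[=:][[:space:]]*[\"']?[A-Za-z0-9_./+-]{8,}" \
    'AKIA[0-9A-Z]{16}' \
    '-----BEGIN [A-Z ]*PRIVATE KEY-----'
}

# Print "label<TAB>lineno<TAB>text" for every flagged line in $1.
list_ops() {
  op_patterns | while read -r label pattern; do
    grep -nE -- "$pattern" "$1" | while IFS=: read -r ln text; do
      printf '%s\t%s\t%s\n' "$label" "$ln" "$text"
    done
  done
}

# Print "lineno:text" for every secret-looking line in $1, one entry per line.
list_secrets() {
  secret_patterns | while read -r pattern; do
    grep -niE -- "$pattern" "$1"
  done | sort -t: -k1,1n -u
}

# Number of lines in $1 flagged with label $2.
count_ops() {
  list_ops "$1" | awk -F'\t' -v l="$2" '$1 == l' | wc -l | tr -d ' '
}

count_secrets() { list_secrets "$1" | wc -l | tr -d ' '; }  # secret-looking lines in $1

# Report on $1. Returns 1 if any secret-looking line is present, 0 otherwise;
# privileged/network operations are listed but do not fail the audit.
audit_script() {
  printf '== %s ==\n' "$1"
  list_ops "$1" | awk -F'\t' '{ printf "  [%s] line %s: %s\n", $1, $2, $3 }'
  n=$(count_secrets "$1")
  if [ "$n" -gt 0 ]; then
    printf '  !! %s secret-looking line(s), comments included:\n' "$n"
    list_secrets "$1" | awk -F: '{ ln = $1; sub(/^[^:]*:/, ""); printf "     line %s: %s\n", ln, $0 }'
    return 1
  fi
  printf '  no hard-coded secrets found\n'
  return 0
}

# Constructed sample scripts for the demo, modelled on the operations the
# guidance describes. They are not the reviewed skill's files.
make_samples() {
  cat >"$1/setup.sh" <<'EOF'
#!/usr/bin/env bash
set -euo pipefail
sudo apt-get update && sudo apt-get install -y nginx fail2ban
sudo ufw allow OpenSSH
sudo ufw --force enable
sudo sed -i 's/^#\?PermitRootLogin.*/PermitRootLogin no/' /etc/ssh/sshd_config
sudo fallocate -l 2G /swapfile && sudo mkswap /swapfile && sudo swapon /swapfile
EOF
  cat >"$1/deploy.sh" <<'EOF'
#!/usr/bin/env bash
# Example: notify on deploy
# WEBHOOK_URL="https://hooks.slack.com/services/T000/B000/XXXXXXXXXXXXXXXXXXXXXXXX"
TARGET="deploy@203.0.113.10"
rsync -az --delete ./build/ "$TARGET:/srv/app/"
ssh "$TARGET" 'sudo systemctl restart app'
# curl -fsSL https://example.invalid/install.sh | sudo bash
EOF
}

# Demo run over the constructed samples.
demo_dir=$(mktemp -d)
make_samples "$demo_dir"
for f in "$demo_dir/setup.sh" "$demo_dir/deploy.sh"; do
  audit_script "$f" || printf '  -> do not run %s until the flagged lines are reviewed\n' "$f"
done
rm -rf "$demo_dir"
```

To audit a real bundle, source the file and call audit_script on each shipped script; a non-zero return means a secret-looking line was found. The operation report is informational: every hit is a line to read and understand before the script runs with your sudo or SSH credentials, not automatically a problem.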

Review Dimensions

Purpose & Capability
ok · The name/description (shell script generation, templates, linting, deploy/backup/monitor helpers) matches the bundled files: generators, a lint/checker, and example templates. The included setup, deploy, monitor and backup scripts are coherent with the stated capabilities.
Instruction Scope
note · SKILL.md is an instruction-only manifest that simply advertises the helper and CLI usage; it does not tell the agent to read unrelated system files or exfiltrate secrets. However, the shipped scripts themselves perform filesystem, network (rsync/ssh/curl) and system-administration actions if executed. Those are within the scope of the helper but have side effects that require user caution.
Install Mechanism
ok · No install spec is provided (instruction-only plus included scripts), so nothing is downloaded or executed automatically during install. This is lower-risk from an installation standpoint.
Credentials
note · The skill declares no required env vars or credentials. Some scripts assume SSH access/keys (deploy uses rsync/ssh) or root privileges (setup uses apt-get and edits system configs). Those assumptions are reasonable for deploy/setup tasks, but the skill does not request or provide credentials; the user must supply appropriate keys/privileges when running the scripts.
Persistence & Privilege
ok · The skill is not always-enabled and does not request persistent elevated privileges. It includes scripts that, if executed by a user, will perform privileged system changes (server init, editing sshd_config, enabling ufw, creating swap). This is expected for 'setup' functionality but requires explicit user action (sudo) and consent.