Skill v1.0.0

ClawScan security

Skill 1 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 22, 2026, 4:32 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's files and runtime instructions match its stated purpose (generating QR codes); it requires no extra credentials or unusual system access.
Guidance
This skill is coherent and implements a simple QR code generator. Before installing/running: (1) review the script if you want to confirm no changes to other files, (2) note that it will call pip to install qrcode[pil] the first time (which downloads from PyPI), so run it in a virtualenv/container if you want to avoid modifying system packages, and (3) ensure output paths given to the script are locations you intend to write to. If you need offline or pinned dependencies, consider pre-installing a vetted version of the qrcode package rather than allowing the runtime auto-install.

Review Dimensions

Purpose & Capability
ok: Name/description (QR code generation) align with the provided script and examples. The included Python script implements exactly the advertised features (text/URL, WiFi, vCard, PNG/SVG/ASCII). No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
ok: SKILL.md instructs running the bundled script and shows concrete examples. The instructions do not request system files, other environment variables, or network endpoints beyond installing dependencies from PyPI at runtime (described in the README). There is no guidance to collect or transmit user data to third-party endpoints.
Install Mechanism
note: No install spec (instruction-only), but the script auto-installs the qrcode[pil] package via pip at runtime using subprocess. This is expected for a self-contained Python utility, but it performs a network download from PyPI when first run; consider this when running in restricted or production environments.
Credentials
ok: The skill declares no required environment variables, credentials, or privileged config paths. The script runs locally and writes only the requested output file(s).
Persistence & Privilege
ok: The skill does not request always:true, does not modify other skills, and has no persistent installation step that would alter global agent settings. Agent autonomous invocation remains the platform default and is not excessive here.