Skill v1.0.5
ClawScan security
Shop Paper - Give your Claw Agent a credit card · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 11, 2026, 2:44 AM
- Verdict
- suspicious
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The skill's embedded SKILL.md is a straightforward Samsung product/browsing document and requests no credentials, but the external name/label you provided ("Give your Claw Agent a credit card") does not match the skill contents — this mismatch warrants caution before installing or granting payment capabilities.
- Guidance
- Do not install or give this skill payment permissions until you verify the full SKILL.md and source. Actions to take: (1) Open the entire SKILL.md and search for any steps that request credit card numbers, tokens, vaulting, or calls to non-Samsung endpoints; (2) Confirm the skill owner and source — the registry owner ID is unknown; prefer official publisher listing or verified developer identity; (3) If the skill will handle purchases, it should explicitly document the payment flow and any required environment variables (e.g., payment provider keys) — absence of that is a red flag; (4) If you decide to test, use a sandbox/test card and monitor for unexpected network activity; (5) If the skill asks the agent to store or persist payment data, decline or require explicit, narrowly scoped credentials and an auditable storage mechanism. If you want, provide the full SKILL.md (untruncated) and I can re-evaluate the instructions for any hidden requests or scope creep.
Review Dimensions
- Purpose & Capability
- concern: The SKILL.md clearly documents a Samsung product/browsing skill (api_base = https://www.samsung.com, no credentials requested). However the user-supplied name/title ("Give your Claw Agent a credit card") implies payment or card-storage functionality which is not reflected in the skill metadata or declared requirements. That mismatch between claimed capability and requested resources is inconsistent.
- Instruction Scope
- note: This is an instruction-only skill (no code, no install). The visible portion of SKILL.md is product information and metadata; it declares no credentials and no instructions to read local files or environment. Because the SKILL.md was truncated in the sample, you should inspect the remainder for any runtime instructions that request payment details, ask the agent to collect/store card data, or call endpoints other than Samsung.
- Install Mechanism
- ok: No install spec, no downloaded code, and no binaries required — lowest-risk installation model for on-disk changes.
- Credentials
- concern: The skill declares no required environment variables or credentials (which is appropriate for a read/browse skill). But the external title suggesting the agent will be given a credit card is not supported by the declared env/credential model. If the skill is intended to handle payments, it should request and document the precise payment integration (and that is absent).
- Persistence & Privilege
- ok: always:false and default model invocation settings — the skill is not force-enabled for all agents and does not request elevated persistent privileges.
