Skill v0.1.1

ClawScan security

Cloudflare Browser Rendering · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 12, 2026, 3:44 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's declared requirements, runtime instructions, and included scripts align with its stated Cloudflare Browser Rendering purpose and do not request unrelated credentials or install arbitrary code.
Guidance
This skill appears coherent and implements Cloudflare Browser Rendering calls as described. Before installing: (1) verify you trust the source repo/author and optionally review the included scripts; (2) provision a Cloudflare API token with the minimum required permissions (prefer Read for result-only workflows, Write only if creating crawls/markdown jobs); (3) avoid pasting site-login secrets or long-lived credentials into CLI flags unless necessary — the scripts will forward any provided authenticate/cookies JSON to Cloudflare; (4) control crawl scope (low depth/limit, avoid includeExternalLinks) to limit cost and data collection; and (5) be aware outputs may be written to disk if you use --out-json/--out-markdown. If you want extra assurance, run the scripts locally with a throwaway token and inspect network calls or review the GitHub repo history before using in production.

Review Dimensions

Purpose & Capability
ok: Name/description (Cloudflare Browser Rendering) align with what's required and present: the scripts call Cloudflare /markdown and /crawl endpoints and the skill only requests CLOUDFLARE_API_TOKEN and CLOUDFLARE_ACCOUNT_ID and python3. There are no unrelated environment variables, binaries, or surprising capabilities.
Instruction Scope
ok: SKILL.md and the included scripts explicitly instruct calling Cloudflare REST APIs and handling results; they reference only the declared env vars and the Cloudflare endpoints. The instructions do not ask the agent to read unrelated system files or exfiltrate data outside Cloudflare API usage. Note: the CLI accepts cookies/auth JSON flags which, if supplied, will be forwarded to Cloudflare as part of the render request (this is expected for authenticating target sites).
Install Mechanism
ok: No install spec or external downloads are present (instruction-only with Python scripts included). Nothing is written to disk by an installer step; the scripts are plain Python using the stdlib HTTP client.
Credentials
note: The skill only requires the Cloudflare API token and account ID (appropriate for this purpose). However, the CLI flags allow embedding target-site credentials (authenticate-json, cookies-json) which will be sent to Cloudflare as part of the render job — be cautious supplying sensitive credentials via those flags or in shared contexts. Ensure the Cloudflare token uses least privilege (Browser Rendering Write only if needed).
Persistence & Privilege
ok: The skill is not always-enabled, has no install-time persistence, and does not modify other skills or system-wide settings. It can be invoked autonomously (default) which is normal for skills and not a standalone concern here.