Skillv1.0.0

ClawScan security

Multi-Platform Ads Executor · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignMar 3, 2026, 2:14 AM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: The skill is an instruction-only planner for multi-channel ad execution; its declared purpose matches the content of SKILL.md and it requests no credentials or installs, so it is internally coherent and low-risk as-written.
Guidance: This skill is coherent and low-risk as provided: it is an instructions-only planner that asks for no credentials and performs no installs. Before enabling or automating it, consider: (1) do not supply production API keys, billing credentials, or account passwords when asking for execution plans — give anonymized or read-only data instead; (2) review any generated rollout/scale/kill rules before applying them to live campaigns and require a human approval step if you integrate outputs into automation; (3) clarify how and where 'escalation handoff payloads' are delivered if you plan to hook the skill to ticketing or alerting systems; (4) validate recommended metrics and assumptions against real account data (the doc explicitly forbids fabricating metrics, but always double-check). If you want higher assurance, request that the skill be wrapped so it cannot be wired to automated API calls without explicit operator consent.

Review Dimensions

Purpose & Capability: okThe name/description (multi-platform ads execution plans) align with the SKILL.md: the document defines inputs, outputs, workflows, decision rules, and examples consistent with producing channel-specific ad execution plans. There are no requests for unrelated resources (no cloud credentials, no binaries) that would be out-of-scope for an ads planning skill.
Instruction Scope: noteSKILL.md is purely prescriptive: it tells the agent how to generate plans, checklists, and escalation payloads. It does not instruct the agent to read local files, call external endpoints, or exfiltrate secrets. One minor ambiguity: the phrase 'escalate with a structured handoff payload' does not specify a destination or transport — harmless as text, but if later integrated into automation it could be wired to external systems. Recommend verifying any automation integrations before enabling autonomous actions.
Install Mechanism: okInstruction-only skill with no install spec and no code files. Nothing is written to disk and there are no external downloads — lowest-risk install footprint.
Credentials: okThe skill declares no required environment variables, no primary credential, and no config paths. That is proportionate for a planning/advisory skill which should not need API keys or system credentials.
Persistence & Privilege: okalways is false (not forced into every agent run). disable-model-invocation is false (normal default) — this only means the agent could call the skill autonomously; on its own this is not a discrepancy given the skill's benign, instruction-only nature. No requests to modify other skills or system settings are present.