Back to skill
Skillv1.0.0
ClawScan security
Funnel Helper · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 6, 2026, 12:16 AM
- Verdict
- Benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill is an instruction-only funnel analysis assistant that only requires user-supplied metrics and does not request credentials, installs, or perform external operations — its declared purpose matches its instructions.
- Guidance
- This skill appears coherent and low-risk because it only operates on data you supply. Before using it, avoid sharing raw logs or session replays that contain PII, auth tokens, or customer identifiers — prefer aggregated or anonymized metrics. If you want automated fetching from ad/analytics platforms, require an explicit connector that limits scopes (avoid pasting API keys into free-text prompts). Validate any recommended experiments in a staging environment and confirm the agent does not attempt to reach external endpoints or ask you to paste credentials into chat.
Review Dimensions
- Purpose & Capability
- okName/description (funnel diagnosis and optimization for paid channels) aligns with the inputs and outputs declared in SKILL.md; no unexpected credentials, binaries, or platform installs are requested.
- Instruction Scope
- okRuntime instructions limited to analyzing user-provided funnel metrics, producing scorecards, bottleneck maps, and experiment plans. It does not instruct accessing system files, environment variables, or external endpoints. Note: optional inputs (session replay notes, logs) may contain sensitive user data but are explicitly user-supplied.
- Install Mechanism
- okNo install spec and no code files (instruction-only). This minimizes on-disk execution and is the lowest-risk install model.
- Credentials
- okNo environment variables, credentials, or config paths are required. Requested inputs are application metrics and logs, which are proportionate to a funnel diagnosis skill.
- Persistence & Privilege
- okFlags show no always:true, no install-time persistence, and the skill does not request system-wide changes or elevated privileges.