Skillv1.0.0

ClawScan security

Ads Human Handoff · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignMar 3, 2026, 1:13 PM

Verdict: Benign
Confidence: medium
Model: gpt-5-mini
Summary: The skill is an instruction-only ‘human handoff’ helper for ad platforms and its requirements and instructions are internally consistent, but the package has no provenance (no homepage or source) so you should vet what account data you pass into it before use.
Guidance: This skill is instruction-only and appears to do what it says (create structured handoff packets for ad platforms). However: 1) the package has no homepage or repository — verify the publisher or test in a controlled environment before relying on it; 2) do not send full credentials or highly sensitive PII (billing info, full account passwords) into handoff payloads — only include the minimum identifiers needed (account_id, campaign_id, timeline, last_change); 3) confirm the human recipients/processes you will escalate to (who will receive tickets and how); 4) test with non-sensitive dummy data to ensure output format and escalation criteria meet your security and compliance needs; 5) monitor skill use/logging and consider restricting autonomous invocation if you want manual control over escalations.

Review Dimensions

Purpose & Capability: noteThe name, description, and runtime instructions all focus on creating handoff packets and escalation routing for ad platforms; that matches. Minor inconsistency: the Platform Notes emphasize Meta/Google/TikTok/YouTube as primary scope while the 'high-signal keywords' and examples also list Amazon/Shopify/DSP — this is a small scope-document mismatch but not a functional red flag.
Instruction Scope: okSKILL.md is purely procedural guidance (classify, short answer, checklist, structured handoff payload) and does not instruct the agent to read local files, environment variables, run shell commands, or transmit data to any hidden endpoints. It stays within the stated purpose of preparing handoff packets and escalation criteria.
Install Mechanism: okNo install spec and no code files are included (instruction-only). Nothing will be written to disk or fetched during install based on the provided metadata.
Credentials: okThe skill declares no required environment variables, credentials, or config paths. The handoff payload expects account and campaign identifiers (reasonable for its purpose) — those may contain sensitive/account-level info, so users should avoid passing secrets or full credentials into the skill.
Persistence & Privilege: okalways is false and there is no indication the skill modifies agent/system configs or requests permanent presence. Model invocation defaults are unchanged; autonomous invocation is allowed by the platform default but the skill does not request elevated persistence.