Back to skill
Skillv1.0.0
ClawScan security
Pans Gpu Solution Builder · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignApr 17, 2026, 4:40 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's code and runtime instructions are self-contained and consistent with its description: it is a local Python-based GPU configuration recommender that does not request credentials, external installs, or network access.
- Guidance
- This is a local, self-contained Python script that generates GPU configuration recommendations. Before installing or running: (1) review the full script yourself (it appears safe and uses only the Python standard library); (2) run it in an isolated/sandbox environment if you don't fully trust the source; (3) verify cost numbers and assumptions — the tool uses fixed example prices and heuristics and should not be treated as authoritative for procurement; (4) ensure you have Python 3 available and that you run the provided commands rather than arbitrary variants. If you want additional assurance, ask the publisher for provenance or run a static check of the full file contents.
Review Dimensions
- Purpose & Capability
- okName and description (GPU solution builder) match the included script and SKILL.md examples. The script computes GPU recommendations, costs, and scaling roadmaps — all coherent with the stated purpose. Nothing requested (no env vars, no binaries) appears disproportionate.
- Instruction Scope
- okSKILL.md instructs running the included Python script with command-line arguments; the script only reads those arguments and internal data structures. There are no instructions to read unrelated files, access credentials, or send data externally.
- Install Mechanism
- okNo install spec or external downloads. Code is provided as a local Python script that uses only the standard library, so no external package installation is required.
- Credentials
- okThe skill declares no required environment variables, credentials, or config paths and the code does not access environment secrets. Requested privileges are proportional to the stated functionality.
- Persistence & Privilege
- okalways is false and the skill is user-invocable. It doesn't attempt to modify other skills or system-wide settings. Autonomous invocation is enabled by default but is not combined with other red flags here.