Skillv1.1.4

ClawScan security

Dkey Switch · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

SuspiciousMar 11, 2026, 9:23 AM

Verdict: suspicious
Confidence: high
Model: gpt-5-mini
Summary: The skill claims to directly perform Windows window-switching via PowerShell scripts, but the core PowerShell/CMD entry scripts it references are missing from the package and the docs reference reading local preference files—this mismatch suggests incomplete or inconsistent packaging and requires author clarification before trusting or installing.
Guidance: This package claims to run PowerShell-based window-activation commands but the core runtime scripts it references (scripts/d-switch.ps1 and scripts/d-switch.cmd) are missing from the bundle. Before installing or enabling this skill: 1) Ask the author to provide the missing PowerShell (.ps1) and CMD entry (.cmd) files and a clear install/verification procedure. 2) Inspect those scripts for any network activity, remote downloads, credential use, or commands beyond window activation (SendKeys/Win32 calls are expected; anything that reads unrelated config, posts to a URL, or executes downloads is suspicious). 3) Verify on a test machine that the scripts do only UI/window operations and that no external endpoints are contacted. 4) Note the skill is Windows-specific—ensure your environment matches. If the author cannot produce the missing scripts or they must be sourced elsewhere, treat the skill as untrusted until you can review the actual runtime code.

Review Dimensions

Purpose & Capability: concernThe declared purpose (Windows window activation) matches the need for PowerShell, alias tables, and local scripts. However, the runtime instructions and many docs require scripts/d-switch.ps1 and scripts/d-switch.cmd which are not present in the file manifest. Also the skill has no OS restriction despite being Windows-specific. The absence of the core entry scripts is a material inconsistency: either the package is incomplete or the skill expects external binaries not provided.
Instruction Scope: concernSKILL.md explicitly instructs the agent to run commands like scripts\d-switch.cmd find-window ... and to always run find-window first. The only executable included is a bash wrapper (scripts/d-switch.sh) which itself calls scripts/d-switch.ps1 — that .ps1 is missing. The docs/assets instruct the agent to read USER.md and MEMORY.md at session start (those files exist), which is reasonable for preferences, but the primary runtime commands point to non-existent files; attempting to follow the instructions will fail or cause the agent to search for/attempt to create/obtain those scripts (undocumented).
Install Mechanism: noteNo install spec in registry (instruction-only), which is lower risk. SKILL.md metadata includes a suggested winget install entry for PowerShell (reasonable). There is no evidence of remote downloads or extraction in the provided files. The main risk here is not the install mechanism itself but the package incompleteness (missing .ps1/.cmd) which may lead integrators to source those components elsewhere.
Credentials: okThe skill requests only a powershell binary and lists no environment variables, credentials, or external endpoints. The aliases and docs reference local files (USER.md, MEMORY.md) which are present and reasonable for preferences. No secret/credential access is requested, which is proportionate for the stated purpose.
Persistence & Privilege: okFlags are default (always:false, agent-invocable allowed). The skill does not request permanent presence or system-wide settings. There is no evidence it modifies other skills' configs or requests elevated privileges in the manifest.