Skill v1.0.0

ClawScan security

LYGO-MINT Operator Suite (v2) · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 11, 2026, 9:33 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's files and runtime instructions are coherent with its stated purpose (local canonicalization, hashing, ledger writing and anchor-snippet generation) and do not request credentials or perform network exfiltration.
Guidance
This appears to be a local, coherent toolset for creating verifiable pack hashes and ledger receipts. Before installing or running:
1) Review any code in tools/lygo_mint/ (mint_pack_local.py will execute that code if it is present).
2) Be aware that the scripts write files under state/ in the workspace (ledger entries and manifests); back up or run in an isolated test workspace if you’re unsure.
3) The ROOT calculation (parents[4]) is brittle and will access files several directories up; run from a controlled workspace or inspect the resolved paths first.
4) No network calls or credential access are present, but always inspect any third-party code before executing on sensitive machines.

Review Dimensions

Purpose & Capability
ok: Name/description (minting, canonicalization, ledger, anchor snippets) match the included scripts and SKILL.md. The scripts perform hashing, canonicalization, ledger appends, snippet generation and bundle creation — all required for the described workflow.
Instruction Scope
note: Runtime instructions are local and describe running the provided Python scripts. The scripts read and write files inside the workspace (state/, reference/, tools/). They do not call external network endpoints or read environment secrets. Two notes:
(1) several scripts compute ROOT as Path(__file__).resolve().parents[4], which is brittle and will point to a workspace root several levels up — this intentionally accesses workspace files (state/, reference/, tools/) and is by design but worth understanding before running in an arbitrary filesystem;
(2) mint_pack_local.py invokes a workspace tool (tools/lygo_mint/mint_pack.py) via subprocess — if that path exists it will execute whatever is there, so you should inspect any tools/lygo_mint code present before running the wrapper.
Install Mechanism
ok: No install spec; the skill is instruction + script files only. Nothing is downloaded or written to non-workspace locations by an installer.
Credentials
ok: The skill declares no required environment variables, no credentials, and the code does not attempt to read env vars. Files are processed locally; no secrets are requested or emitted.
Persistence & Privilege
note: The scripts create and append to workspace-local ledger files under state/ (append-only ledger and canonical JSON). They do not set always:true, do not modify other skills, and do not alter global agent configuration — but they will persist ledger records in the workspace, which is expected for this tool.