Skill v1.0.0
ClawScan security
Hash Tool · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 28, 2026, 8:00 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code implements a local hash/checksum utility that matches its stated purpose; there are only minor documentation/CLI mismatches but no signs of exfiltration, extra credentials, or unexpected network behavior.
- Guidance: This skill appears to do exactly what it says: compute hashes locally. Before using, note that SKILL.md examples use a positional form (hash-tool <algorithm> <file>) while the shipped script expects flags (--algorithm/-a and --file/-f); also the script supports blake2b/blake2s and base64 output even though those are not listed in the README. There is no network activity or credential access in the code. If you plan to use it, review or run the script on harmless files first to confirm the CLI semantics you expect. Also remember MD5 and SHA-1 are cryptographically weak — prefer SHA-256/SHA-512 or BLAKE2 for integrity checks where collision resistance matters.
Review Dimensions
- Purpose & Capability (ok): The skill name/description (compute cryptographic hashes) aligns with the included Python implementation, which computes file and string hashes using standard hashlib algorithms. The code also supports blake2b/blake2s and base64 output in addition to the listed algorithms; this extends functionality but is consistent with the general purpose.
- Instruction Scope (note): SKILL.md describes usage with positional arguments and lists only md5/sha1/sha256/sha512, but the script's CLI uses flags (--algorithm/-a and --file/-f) and supports additional algorithms (blake2b, blake2s) and a base64 encoding option. This is a documentation/CLI mismatch (not a security issue) — the instructions do not direct the agent to read unrelated files or transmit data externally.
- Install Mechanism (ok): No install spec is provided (instruction-only), and the included Python script is self-contained, uses only the standard library, and does not download or execute remote code. This is low risk from an installation perspective.
- Credentials (ok): The skill requires no environment variables, no credentials, and does not access configuration paths. The code reads only the file(s) specified by the user and uses standard library hashing functions — requested privileges are minimal and proportional.
- Persistence & Privilege (ok): The skill does not request always-on presence, does not modify other skills or system configuration, and its default invocation settings are standard. There is no indication it attempts to persist beyond normal skill behavior.
