Skill v1.0.0

ClawScan security

cae-skill · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 11, 2026, 9:57 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's code, instructions, and config are consistent with a local Windows CAE application launcher and do not request unrelated credentials, system-wide scanning, or network access.
Guidance
This skill appears to do what it claims: manage local CAE apps on Windows using only paths listed in config.json and candidate paths. Before installing: (1) Review config.json and do not add paths that point to untrusted executables—the skill will run binaries referenced there or supplied by the user. (2) Be aware the skill will write to config.json (it saves user-provided paths). (3) Run the skill in an environment where executing local programs is safe (avoid running with higher privileges than needed). If you need network isolation or stronger guarantees, run the skill on a dedicated workstation or inspect the included Python files yourself before use.

Review Dimensions

Purpose & Capability
ok: Name/description (launching, checking, closing CAE apps) matches requested artifacts: a small Python launcher, a runner, and a config.json with candidate paths and process names for supported CAE apps.
Instruction Scope
note: SKILL.md limits discovery to saved paths and predefined candidate paths and the code implements that. The code launches local executables and can run user-supplied executable paths (set_app_path); this is expected for a launcher but means a user-provided path could cause arbitrary local execution if pointed at an untrusted binary.
Install Mechanism
ok: No install spec; this is an instruction-only skill with included Python files. Nothing is downloaded from external URLs and no archives are extracted.
Credentials
ok: No environment variables, secrets, or unrelated credentials are requested. The only persistent file touched is config.json in the skill directory, which stores candidate/saved paths and process names.
Persistence & Privilege
ok: always is false and the skill does not request elevated or platform-wide persistent privileges. It reads/writes its own config.json only.