Skill v0.4.0

ClawScan security

Colors CC · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 16, 2026, 3:21 PM
Verdict
benign
Confidence
medium
Model
gpt-5-mini
Summary
This instruction-only skill is internally consistent with its description: it directs the agent to construct URLs to an external colors-cc.top color/image API and requires no installs, binaries, or credentials. The main residual risk is reliance on an external service from an unknown host (privacy/trust), not incoherence in the skill itself.
Guidance
This skill appears coherent and lightweight: it simply tells the agent how to build and use URLs for an external colors-cc.top API. Before installing or using it:
1. Confirm you trust api.colors-cc.top; no homepage or source repository is given in the metadata.
2. Understand that embedded images cause client-side requests that reveal the client's IP address and referrer to that host, which may log them.
3. The default attribution option adds a watermark and an HTML comment, which may embed metadata or enable tracking or viral-sharing links; set attribution=false if you want to avoid that.
4. Consider testing the endpoints manually in a browser or via curl to inspect the returned SVGs and response headers.
5. If you need stronger guarantees, prefer a known provider or a self-hosted equivalent.
Overall the skill itself is coherent, but exercise caution because the publisher is unknown and the network requests go to a third party.

Review Dimensions

Purpose & Capability
note: The skill's name and description (color assets, SVG placeholders, palettes, conversions) match the runtime instructions, which only construct and reference HTTP endpoints on api.colors-cc.top. No unrelated credentials, binaries, or system paths are requested. Minor note: the skill lists no homepage or source repository and the endpoints point to a single external domain, so trust in the publisher is unknown, but the requested capabilities are proportionate to the stated purpose.
Instruction Scope
note: SKILL.md instructs the agent to embed image URLs and to avoid downloading binary image data itself; the instructions do not ask the agent to read local files, environment variables, or other system state. Two points to be aware of: (1) the API's default 'attribution' behavior inserts a watermark and an HTML comment for 'viral sharing', which could leak or embed metadata, and (2) embedding external image URLs causes the user's client to make network requests to the third-party domain, exposing the client IP, user-agent, and referrer to that host. Functionally, the scope is correct for a color/image helper.
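The Guidance above tells the user to set attribution=false and to fetch the endpoints with curl and inspect the returned SVGs and headers, and the Instruction Scope note explains why: the default attribution mode inserts a watermark and an HTML comment, and every embedded image is a client-side request to a third party. The following is an added example written for this review page, not code from ClawHub or the Colors CC skill. It shows the offline half of that check: forcing the attribution parameter off on a generated URL, and scanning a fetched SVG body and its response headers for the things a placeholder image should not contain (HTML comments, external references, link, script or foreign-content elements, and state-setting headers). The SVG and headers below are constructed; the URL path and query layout are assumed, since the page names only the api.colors-cc.top host and the attribution flag.

```python
"""
Offline checks for an SVG placeholder fetched from a third-party image API.
Added example for this review page; not code from ClawHub or the Colors CC
skill. SAMPLE_SVG and SAMPLE_HEADERS are constructed test data, and the URL
path/query layout used below is an assumption: the scan only names the
api.colors-cc.top host and the attribution parameter.
"""
import xml.etree.ElementTree as ET
from urllib.parse import parse_qs, urlencode, urlsplit, urlunsplit

# Element types that can execute, load remote content, or turn a placeholder
# into a clickable share link once the SVG is rendered inline.
RISKY_TAGS = {"script", "foreignObject", "image", "use", "a", "iframe"}

# Response headers that let the image host set or re-identify client state.
TRACKING_HEADERS = {"set-cookie", "etag"}


def set_attribution(url, enabled=False):
    """Return url with the attribution query parameter forced to true/false."""
    parts = urlsplit(url)
    query = parse_qs(parts.query, keep_blank_values=True)
    query["attribution"] = ["true" if enabled else "false"]
    return urlunsplit(parts._replace(query=urlencode(query, doseq=True)))


def _local(name):
    """Strip an XML namespace prefix such as {http://www.w3.org/1999/xlink}href."""
    return name.rsplit("}", 1)[-1]


def _walk(el):
    """Depth-first walk that yields comment nodes as well as elements."""
    yield el
    for child in el:
        yield from _walk(child)


def inspect_svg(svg_text):
    """Collect comments, external references and risky elements from an SVG body."""
    parser = ET.XMLParser(target=ET.TreeBuilder(insert_comments=True))
    root = ET.fromstring(svg_text, parser=parser)
    findings = {"comments": [], "external_refs": [], "risky_tags": []}
    for el in _walk(root):
        if el.tag is ET.Comment:
            findings["comments"].append((el.text or "").strip())
            continue
        if _local(el.tag) in RISKY_TAGS:
            findings["risky_tags"].append(_local(el.tag))
        for attr, value in el.attrib.items():
            if _local(attr) in ("href", "src") and value.startswith(("http://", "https://", "//")):
                findings["external_refs"].append(value)
    return findings


def flag_headers(headers):
    """Return lower-cased response header names that may be used for tracking."""
    return sorted(h for h in (k.lower() for k in headers) if h in TRACKING_HEADERS)


def is_clean(svg_text, headers):
    """True when the SVG carries no comments, links or external loads and headers set no state."""
    f = inspect_svg(svg_text)
    return not (f["comments"] or f["external_refs"] or f["risky_tags"] or flag_headers(headers))


# Constructed sample standing in for a response with attribution left at its default.
SAMPLE_SVG = """<svg xmlns="http://www.w3.org/2000/svg"
     xmlns:xlink="http://www.w3.org/1999/xlink" width="300" height="200">
  <!-- generated by example placeholder API; share: https://example.invalid/s/abc123 -->
  <rect width="300" height="200" fill="#3366cc"/>
  <a xlink:href="https://example.invalid/s/abc123">
    <text x="10" y="190" fill="#fff">example.invalid</text>
  </a>
</svg>"""

# Constructed headers for the same response.
SAMPLE_HEADERS = {"Content-Type": "image/svg+xml", "Set-Cookie": "sid=abc123; Path=/"}

if __name__ == "__main__":
    # Assumed path and query; only the host and the attribution flag come from the scan.
    print(set_attribution("https://api.colors-cc.top/placeholder.svg?size=300x200"))
    for key, value in inspect_svg(SAMPLE_SVG).items():
        print(f"{key}: {value}")
    print("tracking headers:", flag_headers(SAMPLE_HEADERS))
    print("clean:", is_clean(SAMPLE_SVG, SAMPLE_HEADERS))
```

In practice, save the body of a `curl -D headers.txt -o out.svg <url>` call and feed the two files to inspect_svg and flag_headers; an empty comment list and no link or external reference is what you want from a placeholder fetched with attribution=false, and anything else is a reason to prefer a known provider or a self-hosted equivalent, as the guidance suggests.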
Install Mechanism
ok: No install spec and no code files, the lowest-risk delivery model. Nothing is written to disk by the skill itself.
Credentials
ok: The skill requests no environment variables, credentials, or config paths, which is proportionate for a stateless external API helper.
Persistence & Privilege
ok: Defaults are used (the skill does not set always: true). It does not request elevated persistence or modify other skills' settings. Note: the platform default allows autonomous invocation; that is expected for skills, but it means the agent could call the external API without additional user interaction.