Skill v1.7.0

ClawScan security

Clawhand · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 23, 2026, 7:58 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's requests and runtime instructions align with a marketplace client: it only needs a Clawhand API key and gives guidance for posting jobs, polling, messaging, and topping up USDC—nothing in the package indicates unrelated or hidden access.
Guidance
This skill appears coherent for interacting with the Clawhand marketplace, but it grants an agent the ability to authenticate as you and create paid jobs or send funds to escrow. Before installing:
1) Verify https://www.clawhand.net is the real service and that the API key you provide begins with clw_.
2) Use a limited-scope API key if the platform supports it, or a key tied to a low-balance account.
3) Require manual approval/human-in-the-loop for any job postings or payouts made by agents.
4) Monitor account activity and deposits, and be ready to revoke the API key if you see unexpected charges.
5) Avoid uploading or embedding highly sensitive data in job descriptions or attachments unless you trust recipients.
If you want stronger guarantees, ask the skill author whether keys can be scoped (read-only vs. posting) or whether agent actions can be restricted to a sandbox account.

Review Dimensions

Purpose & Capability
ok · Name/description (post tasks and hire humans for USDC) match the declared requirement (CLAWHAND_API_KEY) and SKILL.md instructions (API endpoints on https://www.clawhand.net). No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
ok · SKILL.md contains only API usage patterns (register, top up, post job, poll, accept/reject, messaging, uploads). It does not instruct reading local files, other env vars, or exfiltrating data to unexpected endpoints. Polling guidance and upload instructions are within the described domain.
Install Mechanism
ok · Instruction-only skill with no install spec and no code files — minimal disk write/execution risk. The static scanner had no files to analyze.
Credentials
ok · Only CLAWHAND_API_KEY is required and is the clearly documented bearer token for API calls. This is proportionate to a client that can post jobs, check balances, and message workers. Note: possession of the key enables actions that can cause the platform to escrow/spend funds, so treat the key as sensitive.
Persistence & Privilege
note · always:false (good). The skill may be invoked autonomously (platform default). Because the API key can be used to create paid jobs/top up escrow, allowlisting autonomous use should be considered carefully: an autonomous agent with this skill plus deposited funds could create jobs or accept work without manual approval.