ClawMon
Pass
Audited by ClawScan on May 1, 2026.
Overview
ClawMon is a disclosed, instruction-only trust-score lookup skill that uses a publisher-hosted API and does not request credentials or install code.
This appears safe to install as an instruction-only lookup helper, but treat its trust scores as advisory and remember that skill IDs checked through the hosted API are visible to the service operator.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The publisher-operated service may learn which skill IDs are being evaluated, and optional feedback can send a pseudonymous identifier and score if the user chooses to rate a skill.
The skill discloses an external API data flow; although it is limited to skill IDs and no credentials, the hosted service can observe which skills are being checked.
Read-only lookups send only the skill ID in the URL path (e.g., `GET /api/agents/gmail-integration`).
Use the service for advisory lookups, avoid adding private user context to requests, and consider self-hosting if the list of checked skills is sensitive.
A user or agent might over-rely on a high trust tier when deciding whether to use another skill.
The skill is designed to influence trust decisions about other skills; this is purpose-aligned and disclosed, but the ratings should not be treated as a complete security review.
ClawMon lets agents query reputation data for MCP skills before using them.
Treat ClawMon results as one signal alongside the skill's permissions, source, code, user reviews, and the sensitivity of the task.
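The two recommendations above (send nothing but the skill ID, and treat the tier as one signal among several) can be enforced in the calling code rather than left to habit. The following is an added example for this audit page, not ClawMon's or ClawScan's own code. Only the path shape `GET /api/agents/<skill-id>` comes from the audit; the base URL, the slug format for skill IDs, the tier vocabulary and the `LocalSignals` fields are assumptions.

```python
"""Guarded use of a ClawMon-style lookup: only the skill ID leaves the host,
and the returned tier is one input to the decision, never the whole decision.

Added example for this audit page, not ClawMon's or ClawScan's code. Only the
path shape GET /api/agents/<skill-id> comes from the audit; the base URL, the
slug format, the tier names and the LocalSignals fields are assumptions.
"""
import re
from dataclasses import dataclass
from urllib.parse import quote, urlsplit

BASE_URL = "https://example.invalid"  # assumption: the audit does not name the host

# Assumed slug format, modelled on the audit's example "gmail-integration".
# Refusing anything else (rather than percent-encoding it) means a caller
# cannot push path segments, query strings or free text into the lookup URL,
# which is exactly the extra context the audit says not to send.
SKILL_ID_RE = re.compile(r"^[a-z0-9][a-z0-9._-]{0,63}$")


def is_valid_skill_id(skill_id: str) -> bool:
    return SKILL_ID_RE.fullmatch(skill_id) is not None


def lookup_url(skill_id: str) -> str:
    """Build the read-only lookup URL; the skill ID is the only variable part."""
    if not is_valid_skill_id(skill_id):
        raise ValueError(f"refusing to look up non-slug skill id: {skill_id!r}")
    url = f"{BASE_URL}/api/agents/{quote(skill_id, safe='')}"
    parts = urlsplit(url)
    # Second check on the finished URL: exactly one segment after /api/agents/,
    # no query string, no fragment.
    if parts.query or parts.fragment or parts.path.count("/") != 3:
        raise ValueError(f"unexpected URL shape: {url}")
    return url


TIERS = ("high", "medium", "low")  # assumed tier vocabulary


@dataclass(frozen=True)
class LocalSignals:
    """The other signals the audit says to weigh alongside the tier."""
    source_known: bool          # do we know and trust where the skill comes from?
    permissions_reviewed: bool  # has someone looked at what it asks for?
    code_reviewed: bool         # has the code (or SKILL.md) been read?
    task_sensitive: bool        # does the task touch sensitive data or actions?


def decide(tier: str, local: LocalSignals) -> str:
    """Return "allow", "review" or "block". A high tier cannot by itself
    approve a skill; the local checks have to be in place first."""
    if tier not in TIERS:
        return "review"  # unknown or missing tier: fall back to a human look
    if not (local.source_known and local.permissions_reviewed):
        return "review"  # basics missing; reputation does not substitute for them
    if local.task_sensitive and not local.code_reviewed:
        return "review"  # sensitive task: read the code regardless of tier
    if tier == "low":
        return "block"   # low tier: do not proceed without an explicit override
    if tier == "high":
        return "allow"
    return "review"


if __name__ == "__main__":
    print(lookup_url("gmail-integration"))
    print(decide("high", LocalSignals(True, True, False, False)))
    print(decide("high", LocalSignals(True, True, False, True)))
```

The validation rejects rather than encodes, so an agent that tries to append a user's name or a task description to the ID gets an error instead of a request that discloses it to the operator. In `decide`, a high tier only ever moves a skill from "review" to "allow" after the local checks pass; it never clears a skill on its own, which is the over-reliance failure the second finding describes.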
