Skill v1.0.2
ClawScan security
ClawMon · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 20, 2026, 12:13 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's instructions, required resources, and requested permissions align with a read-only trust-checker that queries a public HTTPS API; nothing requested is disproportionate to that purpose.
- Guidance: This skill is coherent and low-risk as described: it only documents read-only HTTPS GETs to a publisher-hosted API and requires no credentials. Before installing, consider: (1) the API is hosted on Railway by the publisher — if you need stronger guarantees, review the GitHub repo and/or self-host the service; (2) ensure your agent implementation follows the SKILL.md rule to send only the skill ID (do not include user data or other context unless the user explicitly consents); (3) optional feedback and payment endpoints exist but are documented as opt-in — do not enable them automatically; (4) the registry metadata here lacked a homepage but the SKILL.md points to a GitHub repo — you may want to verify the repository and publisher identity yourself.
Review Dimensions
- Purpose & Capability (ok): The name/description match the SKILL.md: it is a read-only trust-score lookup for MCP skills. It requests no credentials, no binaries, and has no install steps — appropriate for an external HTTP API lookup service.
- Instruction Scope (note): SKILL.md repeatedly states only the skill ID is sent and that lookups are read-only GETs. It also documents an optional POST feedback endpoint and optional payment flows which are explicitly opt-in. This is coherent, but any agent implementation must adhere strictly to the 'do not send user data' guidance; if the agent were to send additional context, that would be scope creep (the instructions themselves do not require it).
- Install Mechanism (ok): Instruction-only skill with no install spec and no code files — no code is written to disk and no external artifacts are downloaded by the skill itself, which is lowest risk for install mechanism.
- Credentials (ok): No environment variables, credentials, or config paths are required. The single frontmatter wallet address is described as informational only. The declared requirements are proportional to a public read-only API.
- Persistence & Privilege (ok): Skill is not always-included and does not request persistent or elevated privileges. It does not modify other skills or system settings. Autonomous invocation is allowed (platform default) but not excessive here.
