Skill v1.1.1

ClawScan security

glkvm · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 11, 2026, 7:38 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's instructions, required inputs, and network usage are consistent with a remote KVM-control utility; it is instruction-only and does not request unrelated credentials or installs, though there are some operational security caveats (ignored TLS verification, cookie storage, screenshots).
Guidance
This skill appears to do what it claims, but consider these operational security points before using it:
1) It instructs curl to use -k (--insecure), which disables TLS certificate verification entirely. That leaves the session open to man-in-the-middle attacks on the path to the device; prefer installing a valid certificate on the device, or verify the device's self-signed certificate explicitly (for example by trusting its certificate file or pinning its public key) rather than skipping verification.
2) The login stores the session cookie/auth token in /tmp/glkvm_cookies.txt and saves screenshots to /tmp. /tmp is shared, so these files may be readable by other local users or processes; remove them after the session and avoid running on shared systems.
3) Screenshots and OCR may expose sensitive on-screen data; only use the skill against trusted devices and with explicit user consent.
4) The skill enables remote keyboard/mouse control, so anyone with the password can perform arbitrary actions on the target host. Protect the credential and prefer short-lived credentials where the device supports them.
5) Because the skill is instruction-only there is no installer risk, but the agent will perform network actions on your behalf; only invoke it when you trust the target IP and the network between you and it.
If you want stronger assurance, ask the skill author for source/origin, or request that TLS verification be enabled rather than skipped.
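The two concrete fixes above (verify the device certificate instead of passing -k, and keep session state out of world-readable /tmp) can be applied without changing what the skill does, because the skill only drives curl. The following POSIX sh snippet is an added example written for this review; it is not part of the glkvm skill or of the GLKVM firmware, and the device address (192.0.2.10, a documentation range) and the workdir name are assumptions. It uses curl's --pinnedpubkey option, which checks the server's public key independently of the -k setting, so a self-signed device certificate can be pinned after a one-time fetch over a trusted network. API endpoints are not shown; use whatever paths SKILL.md specifies.

```shell
#!/bin/sh
# Added example (not from the glkvm skill): hardened curl setup for a KVM session.
# Assumptions: device at $GLKVM_HOST on 443, openssl and curl available.
set -eu

GLKVM_HOST="${GLKVM_HOST:-192.0.2.10}"   # assumed device IP (RFC 5737 documentation range)

# Private working directory instead of fixed, world-readable files in /tmp.
# mktemp -d already creates it mode 0700; chmod makes that explicit.
glkvm_workdir() {
    d=$(mktemp -d "${TMPDIR:-/tmp}/glkvm.XXXXXX")
    chmod 700 "$d"
    printf '%s\n' "$d"
}

# One-time, trust-on-first-use fetch of the device's leaf certificate.
# Do this on a network you trust, then keep the PEM file with the skill config.
glkvm_fetch_cert() {
    pem=$1
    openssl s_client -connect "$GLKVM_HOST:443" -servername "$GLKVM_HOST" \
        </dev/null 2>/dev/null | openssl x509 -outform pem > "$pem"
}

# Derive the sha256// public-key pin curl expects from a PEM certificate.
glkvm_pin_from_cert() {
    openssl x509 -in "$1" -pubkey -noout \
      | openssl pkey -pubin -outform der \
      | openssl dgst -sha256 -binary \
      | openssl enc -base64 \
      | sed 's|^|sha256//|'
}

# curl options for the session. "insecure" is what the skill instructs today;
# "pinned" keeps -k (the cert is self-signed) but refuses any key other than
# the pinned one, which is what defeats an on-path attacker.
glkvm_curl_opts() {
    mode=$1; jar=$2; pin=${3:-}
    case "$mode" in
      insecure) printf '%s' "-k --cookie-jar $jar --cookie $jar" ;;
      pinned)   printf '%s' "-k --pinnedpubkey $pin --cookie-jar $jar --cookie $jar" ;;
      *)        return 1 ;;
    esac
}

# Issue one request against the device using the pinned options.
# $1 = endpoint path from SKILL.md (assumed), remaining args are passed to curl.
glkvm_request() {
    path=$1; shift
    # shellcheck disable=SC2046  # option string is deliberately word-split
    curl -sS $(glkvm_curl_opts pinned "$GLKVM_WORKDIR/cookies.txt" "$GLKVM_PIN") \
        "https://$GLKVM_HOST$path" "$@"
}
```

Typical use: `GLKVM_WORKDIR=$(glkvm_workdir); trap 'rm -rf "$GLKVM_WORKDIR"' EXIT; glkvm_fetch_cert "$HOME/.glkvm-device.pem"` once, then `GLKVM_PIN=$(glkvm_pin_from_cert "$HOME/.glkvm-device.pem")` and `glkvm_request /some/endpoint ...` for the skill's calls, writing screenshots under `$GLKVM_WORKDIR` rather than bare `/tmp`. The trap removes cookies and screenshots when the shell exits, addressing the second caveat; the pin addresses the first. If the device certificate is replaced, the pin check fails closed, which is the desired behaviour.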

Review Dimensions

Purpose & Capability
ok: The SKILL.md describes GLKVM features (screenshot, keyboard/mouse, OCR, Fingerbot, ATX power) and the curl-based HTTP API calls correspond directly to those capabilities. The inputs it asks for (device IP and admin password) are what a KVM control tool legitimately needs. There are no unexplained env vars, binaries, or unrelated dependencies.
Instruction Scope
note: Instructions are explicit and limited to interacting with the target GLKVM device via HTTPS endpoints, using a local cookie file and temporary screenshot files. This is in scope for the stated purpose. Two operational caveats: the instructions recommend curl -k (which disables certificate verification), and they store the cookies/auth token in /tmp/glkvm_cookies.txt and screenshots in /tmp. Both are common for one-off control but carry security and privacy implications (see guidance).
Install Mechanism
ok: No installation step or external packages are required; the skill is instruction-only. That minimises code-install risk because nothing is downloaded or written by an installer spec.
Credentials
ok: The skill does not request environment variables, system config paths, or unrelated credentials. It does require the user to supply the target IP and admin password interactively, which is proportional to a remote-control skill.
Persistence & Privilege
ok: The skill's always flag is false and the skill is user-invocable; model invocation is allowed (platform default). There is no request for permanent elevated platform privileges or for modifications to other skills/configs.