ClawHub
Back to skill
v1.0.1

Book Dance Lessons

ReviewClawScan verdict for this skill. Analyzed May 1, 2026, 5:23 AM.

Analysis

The skill is coherent for booking dance lessons, but it can create real external bookings and send contact details to a remote MCP endpoint without documented confirmation, fee, cancellation, or privacy safeguards.

GuidanceReview this skill before installing. If you use it, make sure the agent only searches until you explicitly approve a specific booking, and confirm the provider, time, cost, cancellation policy, and contact details before any create_booking call.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
SeverityMediumConfidenceMediumStatusConcern
SKILL.md
"name": "create_booking", "arguments": { "providerId": "xxx", "serviceId": "yyy", "timeSlot": "2025-02-10T14:00:00-08:00", "customerName": "John Doe", "customerEmail": "john@example.com", "customerPhone": "+13105551234" }

The skill exposes an action that creates an external booking using user contact details, but the artifact does not specify approval, fee, cancellation, or reversibility checks before invoking it.

User impactThe agent could place a real appointment or reservation with the wrong provider, time, or contact information if it proceeds without a clear final user confirmation.
RecommendationRequire explicit user confirmation of provider, service, date/time, price, cancellation terms, and contact details before calling create_booking.
Agentic Supply Chain Vulnerabilities
SeverityLowConfidenceMediumStatusNote
metadata
Source: unknown; Homepage: none

The registry metadata does not provide a source repository or homepage for the skill, while the skill relies on a remote booking MCP service.

User impactUsers have limited provenance information to verify who maintains the skill or the remote integration before sharing contact details or making bookings.
RecommendationPrefer installing only after verifying the Lokuli endpoint and the skill publisher through trusted channels.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
SeverityLowConfidenceHighStatusNote
SKILL.md
MCP Endpoint ... https://lokuli.com/mcp/sse ... customerName ... customerEmail ... customerPhone

The artifact discloses a remote MCP endpoint and shows that booking calls include personal contact information.

User impactThe user's name, email, phone number, location-related search data, and booking preferences may be sent to Lokuli's MCP service.
RecommendationShare only the minimum required personal information and verify that the remote service is trusted before booking.