Skill v1.0.1
ClawScan security
Book Extensions · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 11, 2026, 9:06 AM
- Verdict: benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's instructions, required inputs, and external endpoint align with its stated purpose of finding and booking extension services; there are no unexpected environment or install requirements, but a few practical and privacy-related gaps should be addressed before use.
- Guidance: This skill appears coherent for booking extension services: it only sends JSON-RPC requests to lokuli.com and requires no local installs or env vars. Before installing, confirm: (1) how the agent/platform will authenticate to lokuli.com (the SKILL.md provides no auth details), (2) that you are comfortable with the skill sending personal contact information (name, email, phone) to the external service and that explicit user consent is obtained, (3) that lokuli.com is a trusted service (no homepage or publisher info is provided), and (4) that the hard-coded example values (zip code, dates) are replaced by real user inputs. If possible, test with dummy data first and verify what data is transmitted.
Review Dimensions
- Purpose & Capability (ok): Name and description (book extension services via Lokuli MCP) match the SKILL.md which defines search, check_availability, and create_booking RPCs against lokuli.com. No unrelated binaries, env vars, or config paths are requested.
- Instruction Scope (note): Instructions only describe calling an MCP JSON-RPC SSE endpoint with three tool actions. They do not instruct reading unrelated files or credentials. However the SKILL.md contains hard-coded example values (zipCode 90640, sample dates/times, and example customer contact) and gives no guidance about obtaining user consent or handling PII before submitting booking requests.
- Install Mechanism (ok): Instruction-only skill with no install spec and no code files; nothing is written to disk and no external packages are pulled.
- Credentials (note): The skill declares no required environment variables or credentials. It does reference an external MCP endpoint (https://lokuli.com/mcp/sse) but does not document authentication or what credentials (if any) are needed. Booking actions require personal data (name, email, phone) — this is expected for the purpose but should be justified and consented to by the user.
- Persistence & Privilege (ok): always is false and the skill is user-invocable. The skill does not request persistent system privileges or modifications to other skills or agent-wide settings.
