Back to skill
Skillv1.0.1
ClawScan security
Book Eyebrows · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignFeb 11, 2026, 9:06 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's requests and runtime instructions are consistent with a simple booking helper for Lokuli's MCP and do not ask for unrelated credentials or install any code.
- Guidance
- This skill appears coherent for booking eyebrow services, but before installing: 1) Verify the Lokuli domain/service is legitimate and you trust it; 2) Confirm how authentication is handled — SKILL.md does not describe any credentials or consent flow, so ask whether bookings will require an account or API key; 3) Be aware the agent will send personal contact details (name, email, phone) to an external endpoint — only provide information you consent to share; 4) Confirm the agent will always ask for your approval before creating bookings to avoid unwanted reservations and charges; 5) If you need stricter privacy, request an explicit mention of auth, data retention, and what the service will do with booking data.
Review Dimensions
- Purpose & Capability
- okThe name/description (book eyebrows via Lokuli MCP) matches the SKILL.md: it provides an MCP endpoint and JSON-RPC templates for search, check_availability, and create_booking. There are no unrelated dependencies or bizarre requirements.
- Instruction Scope
- noteInstructions only include calling the Lokuli MCP endpoint with JSON-RPC payloads for searching and creating bookings. They do not ask the agent to read local files or unrelated environment variables. One omission: the doc does not mention any authentication or consent flow for sending customer contact details to the endpoint, which should be clarified.
- Install Mechanism
- okNo install spec or code is present (instruction-only), so nothing is written to disk. This is the lowest-risk install profile.
- Credentials
- noteThe skill requests no environment variables or credentials (consistent with the SKILL.md). However, the MCP endpoint may realistically require authentication in production; the absence of any declared auth/credential requirements could indicate an incomplete spec rather than malicious intent.
- Persistence & Privilege
- okalways:false and default model invocation settings are used. The skill does not request persistent or elevated privileges and does not modify other skills or system-wide config.