Back to skill
Skillv1.0.1
ClawScan security
Book Math Tutor · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignFeb 11, 2026, 9:06 AM
- Verdict
- benign
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The skill's requirements and runtime instructions align with its stated purpose (booking math tutors via Lokuli's MCP), but there are a few operational and privacy/usability gaps to be aware of.
- Guidance
- This skill appears to do what it says: call Lokuli's MCP to find and book math tutors. Before installing or using it, consider: (1) verify who operates lokuli.com (no homepage/source listed); (2) ensure the agent asks you for location, date/time, and contact details and confirms the booking before creating it (the SKILL.md uses example/hard-coded values); (3) confirm how authentication to Lokuli is handled by your agent/platform (no credentials are declared); and (4) avoid giving it permission to act fully autonomously unless you trust the endpoint and want automatic bookings. If any of these are unclear, request more information from the skill author or test in a safe environment first.
Review Dimensions
- Purpose & Capability
- okThe name/description match the instructions: the SKILL.md shows JSON-RPC calls (search, check_availability, create_booking) against Lokuli's MCP endpoint. There are no unrelated binaries, credentials, or installs requested.
- Instruction Scope
- noteInstructions are narrowly scoped to searching and creating bookings via the MCP endpoint. However, the examples contain hard-coded/example values (zipCode: 90640, customerName/email/phone, example dates) and there is no explicit step to prompt the user for confirmation, validate customer contact info, or obtain consent before creating bookings. That could lead to accidental or incorrect bookings if the agent acts autonomously.
- Install Mechanism
- okNo install spec or code files; this is an instruction-only skill so nothing will be downloaded or written to disk by the skill itself.
- Credentials
- okThe skill declares no environment variables or credentials, which is proportionate. Note: it interacts with an external endpoint (lokuli.com) but does not explain authentication — likely the platform or tools layer provides auth; absent that, the skill would be unable to make authenticated bookings.
- Persistence & Privilege
- okThe skill is not always-enabled and does not request persistent system privileges or modify other skills. It can be invoked by the agent (normal default) but does not demand elevated persistence.