Skill v1.0.1

ClawScan security

Book Party · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 11, 2026, 9:06 AM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill is an instruction-only booking adapter for Lokuli MCP and its declared inputs and actions are consistent with that purpose; nothing in the SKILL.md requests unrelated credentials, files, or installs.
Guidance
This skill is instruction-only and appears coherent with its stated purpose, but before installing check:
1) whether Lokuli.com is a trusted service for you (the skill will send booking requests to that endpoint);
2) how the agent will obtain real customer info — the SKILL.md uses sample contact data and a sample zip code, so confirm it will prompt you for correct name, email, phone, date/time, and location rather than using placeholders;
3) whether Lokuli requires authentication (the skill does not declare any required API key or token) — if so, verify how credentials are provided and stored; and
4) that you are comfortable the agent may place bookings on your behalf (costs, cancellations, privacy).
If any of those are unclear, ask the skill author for documentation or avoid enabling the skill until clarified.

Review Dimensions

Purpose & Capability
ok: Name/description (book party via Lokuli MCP) align with the instructions: the SKILL.md defines an MCP endpoint and JSON-RPC tool calls (search, check_availability, create_booking) that are appropriate for finding and booking party services.
Instruction Scope
note: Instructions are narrowly scoped to calling Lokuli's MCP endpoint with JSON-RPC tool calls and do not request arbitrary file reads or unrelated env vars. Minor issues: the examples include hardcoded sample values (zipCode 90640, example dates, and a demo customer name/email/phone). The skill should explicitly instruct the agent to prompt the user for real customer contact details and location rather than using sample values.
Install Mechanism
ok: No install spec and no code files — instruction-only. This is low-risk because nothing is downloaded or written to disk by the skill itself.
Credentials
note: The skill requests no environment variables or credentials. That is proportionate if Lokuli's MCP is accessible without auth or the platform supplies credentials. If Lokuli requires an API key, the SKILL.md should declare which credential is needed; absence of any auth declaration may be an omission to clarify before use.
Persistence & Privilege
ok: The skill does not request always:true and does not attempt to modify system or other-skill configurations. Normal agent autonomy (model invocation allowed) is fine here.