ClawHub
Back to skill
v1.0.1

Book Window Cleaning

ReviewClawScan verdict for this skill. Analyzed May 1, 2026, 5:23 AM.

Analysis

The skill matches its window-cleaning booking purpose, but it can send contact details to an external MCP service and create a real booking without documented confirmation safeguards.

GuidanceReview this skill before installing. It appears purpose-aligned and has no local code or credential requirements, but you should only use it if you are comfortable with Lokuli receiving booking/contact details and you should require explicit confirmation before any real appointment is created.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
SeverityMediumConfidenceMediumStatusConcern
SKILL.md
"name": "create_booking", "arguments": { "providerId": "xxx", "serviceId": "yyy", "timeSlot": "2025-02-10T14:00:00-08:00", "customerName": "John Doe", "customerEmail": "john@example.com", "customerPhone": "+13105551234" }

The skill exposes a direct booking action using customer contact details, but the artifact does not include instructions to obtain explicit user confirmation before creating the booking.

User impactA mistaken or premature tool call could create an unwanted service appointment and share the user's contact details with the booking provider.
RecommendationBefore installation or use, require the agent to confirm the provider, service, date, time, price if available, contact details, and cancellation terms before calling create_booking.
Agentic Supply Chain Vulnerabilities
SeverityInfoConfidenceHighStatusNote
metadata
Source: unknown; Homepage: none

The registry metadata does not provide a source repository or homepage, limiting provenance checks for the external booking integration.

User impactUsers have less information to verify who maintains the skill or how the Lokuli MCP integration is governed.
RecommendationVerify the provider and endpoint before relying on the skill for real bookings, especially if sharing personal contact information.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
SeverityLowConfidenceHighStatusNote
SKILL.md
https://lokuli.com/mcp/sse ... Transport: SSE | JSON-RPC 2.0 | POST requests ... "customerEmail": "john@example.com", "customerPhone": "+13105551234"

The skill discloses use of an external MCP endpoint and shows that booking requests include personal contact information.

User impactUsing the skill may send the user's name, email, phone number, and booking preferences to Lokuli's MCP service.
RecommendationUse only if the user is comfortable sharing contact information with Lokuli and the chosen service provider; provide the minimum necessary personal details.