Skill v1.0.2

ClawScan security

Local Deep Research · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 10, 2026, 5:36 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill does what it claims — it talks to a user-configured Local Deep Research (LDR) service using curl/jq and local credentials — but it will source a local .env file if present, so verify that file contains only LDR-related secrets before use.
Guidance
This skill appears coherent and implements only the local interactions it claims. Before installing: ensure LDR_BASE_URL points to a service you control (localhost or a trusted host), use a dedicated low-privilege LDR account for LDR_SERVICE_USER/LDR_SERVICE_PASSWORD, and verify the contents of ~/.config/local_deep_research/config/.env (or any .env you use) so it does not contain unrelated secrets. Review scripts/ldr-research.sh yourself if you're unsure, and consider running the skill in a container or VM with network access limited to your LDR host. Note: registry metadata lacked a homepage but SKILL.md references a GitHub repo; this is a minor metadata inconsistency to be aware of.

Review Dimensions

Purpose & Capability
ok · The name/description (local multi-cycle research via an LDR service) matches the required items: curl/jq and LDR-specific env vars (LDR_BASE_URL, username/password). No unrelated credentials, binaries, or unusual installs are requested. A script that calls a local API is appropriate for this purpose.
Instruction Scope
note · SKILL.md and the script limit network I/O to the configured LDR_BASE_URL (default localhost) and describe a session+CSRF login flow; that is within scope. However, the script will optionally source ~/.config/local_deep_research/config/.env if that file exists. Sourcing executes the file as shell, so every variable placed there (not only LDR_* ones) reaches the skill process; SKILL.md warns about this, but the sourcing happens automatically whenever the file is present and may surprise less technical users.
Install Mechanism
ok · There is no install spec (instruction-only skill) and the included code is a small shell script; nothing is downloaded from external URLs or installed automatically. This is low-risk from an install-mechanism perspective.
Credentials
note · Requested env vars (LDR_BASE_URL and credentials) are proportional to the stated task. The script accepts multiple fallback variable names and will load a local .env; that flexibility is useful but increases the chance of unintentionally exposing other local secrets if the .env contains unrelated variables.
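The .env concern raised under Instruction Scope and Credentials comes from the script using `source` (or `.`), which runs the file as shell code. The loader below is an added example, not code from the skill's scripts/ldr-research.sh: it reads the file as data and imports only variables in the LDR_ namespace, taking values literally. The variable names come from the review above; the file path, the sample .env contents and the OTHER_SERVICE_TOKEN name are constructed for the example.

```shell
#!/bin/sh
# Added example, not part of the skill's scripts/ldr-research.sh: import only LDR_*
# settings from a .env file instead of `source`-ing it. `source`/`.` executes the file
# as shell, so every variable in it (and any command substitution) reaches the skill
# process; this loader treats the file as data. Sample values below are constructed.
set -eu

# load_ldr_env FILE
# Accepts KEY=VALUE lines (optional leading "export ", optional matching quotes) whose
# key starts with LDR_ and contains only [A-Za-z0-9_]. Everything else is ignored.
# Values are taken literally: no expansion, no command execution. Variables already set
# in the environment win over the file (the usual environment-then-.env precedence).
# POSIX sh has no `local`, so the loop variables are globals.
load_ldr_env() {
  file=$1
  [ -r "$file" ] || return 0
  while IFS= read -r line || [ -n "$line" ]; do
    line=${line#export }
    case "$line" in
      ''|\#*) continue ;;          # blank lines and comments
      *=*) ;;                      # must be an assignment
      *) continue ;;
    esac
    key=${line%%=*}
    value=${line#*=}
    case "$key" in
      LDR_*) ;;                    # only the skill's own namespace
      *) continue ;;
    esac
    case "$key" in
      *[!A-Za-z0-9_]*) continue ;; # reject anything that is not a plain identifier
    esac
    case "$value" in
      \"*\") value=${value#\"}; value=${value%\"} ;;
      \'*\') value=${value#\'}; value=${value%\'} ;;
    esac
    # key is validated above, so this indirect lookup is safe in POSIX sh
    eval "current=\${$key-}"
    if [ -z "$current" ]; then
      export "$key=$value"
    fi
  done <"$file"
}

# write_sample_env: constructed .env mixing legitimate LDR settings, an unrelated
# secret, and a value that would run a command if the file were sourced. Prints its path.
write_sample_env() {
  f=$(mktemp)
  cat >"$f" <<'EOF'
# Local Deep Research settings (constructed sample)
export LDR_BASE_URL="http://127.0.0.1:5000"
LDR_SERVICE_USER=ldr-skill
OTHER_SERVICE_TOKEN=constructed-example-token
LDR_SERVICE_PASSWORD="hunter2$(id)"
EOF
  printf '%s\n' "$f"
}

# ldr_vars_loaded: prints the LDR_* variables that reached the environment.
ldr_vars_loaded() {
  env | grep '^LDR_' | sort || true
}

# Stand-alone demo: `sh load_ldr_env.sh demo`
if [ "${1:-}" = demo ]; then
  sample=$(write_sample_env)
  load_ldr_env "$sample"
  rm -f "$sample"
  ldr_vars_loaded
  if [ -n "${OTHER_SERVICE_TOKEN:-}" ]; then
    echo "OTHER_SERVICE_TOKEN leaked into the environment"
  else
    echo "OTHER_SERVICE_TOKEN was not loaded"
  fi
fi
```

With the constructed file, LDR_BASE_URL and LDR_SERVICE_USER are exported, OTHER_SERVICE_TOKEN never enters the process, and LDR_SERVICE_PASSWORD holds the literal string `hunter2$(id)` rather than the output of `id`. A script that keeps `source` instead should at least restrict the file to LDR_* lines and document that anything else placed there is executed.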
Persistence & Privilege
ok · The skill is not always-enabled and does not request system-wide changes or modify other skills. It creates a temporary cookie jar and removes it on exit. Autonomous invocation is allowed (the normal default) but not combined with elevated privileges.