Skill v1.0.0
ClawScan security
Clawhub Skill Creator · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 22, 2026, 4:55 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, scripts, and instructions are coherent with its stated purpose (creating and packaging Clawhub skills); nothing requested or installed appears disproportionate or unexpected.
- Guidance: This skill appears coherent and low-risk for its purpose, but review before running: (1) The documentation refers to a validate.sh that isn't included — do not assume missing scripts exist. (2) Inspect scripts/init-skill.sh and scripts/package-skill.sh to ensure they do only what you expect (they create files, validate local structure, and zip the directory). (3) Packaging requires standard tools (jq, zip); ensure those are available or run in a controlled environment. (4) Publishing via 'clawhub publish' sends content to the registry — verify you intend to upload the skill. (5) Because the skill can be invoked by an agent, avoid granting additional credentials or env vars unless strictly needed. If you want higher assurance, run the scripts in a sandbox or container and confirm their outputs before publishing.
Review Dimensions
- Purpose & Capability (ok): Name and description match the included content: a comprehensive SKILL.md, references, and two utility scripts to initialize and package skills. The files provided (init and package scripts, metadata guidance, validation checklist, token guidance, versioning) are all appropriate for a 'skill creator' tool.
- Instruction Scope (note): SKILL.md stays within the stated purpose (authoring, structuring, validating, and publishing skills). It tells the operator to run local scripts and clawhub CLI commands, which is expected. Minor inconsistency: SKILL.md references a ./scripts/validate.sh in Phase 8, but the repo contains init-skill.sh and package-skill.sh (no validate.sh). This is likely a documentation mismatch rather than malicious behavior; review before running.
- Install Mechanism (ok): No install spec — instruction-only with two small shell scripts. No downloads from external URLs or archives. Low install risk. The packaging script relies on standard tools (jq, zip, grep/sed) which are typical for local packaging.
- Credentials (ok): No required environment variables, no credentials requested in _meta.json or SKILL.md. The guidance to use 'clawhub publish' is appropriate for this tool and explains where network interaction would happen (the registrar).
- Persistence & Privilege (ok): Skill is not marked always:true and does not request system-wide persistence or modify other skills' configs. Scripts create local files and produce a package; they do not store tokens or alter global agent settings.
