Skill v0.0.3

ClawScan security

TuhuCar Knowledge Assistant · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 16, 2026, 3:21 AM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill is internally consistent: it simply wraps a local 'tuhucar' CLI to query a knowledge gateway and does not request excessive credentials or persistent privileges.
Guidance
This skill is coherent and only delegates work to a local 'tuhucar' CLI which will make network requests to its configured endpoint. Before installing or using it:
1) verify you trust the tuhucar CLI package (inspect the GitHub repo and npm/brew package history);
2) confirm the binary you run is the official one (check checksums or installed path);
3) be cautious about TUHUCAR_ENDPOINT — do not set it to an untrusted server, since that would send your queries there;
4) review ~/.tuhucar/config.toml before initializing the config; and
5) when in doubt run commands with --dry-run and prefer the here-doc pattern shown to avoid shell-injection risks.

Review Dimensions

Purpose & Capability
ok: The skill's name and description match the required binary ('tuhucar') and the SKILL.md instructs calling that CLI to answer car-maintenance questions. Required artifacts (CLI, optional config) are appropriate for the stated purpose.
Instruction Scope
ok: SKILL.md stays on-topic: it instructs building a question, calling the CLI with --format json, parsing data.reply, reusing session_id only per conversation, and not persisting session state. It explicitly warns against interpolating raw user input into shell commands and against modifying ~/.tuhucar/config.toml without approval.
Install Mechanism
ok: This is an instruction-only skill with no install spec or bundled code. It suggests installing the CLI via npm or brew if missing; those recommendations are normal and the skill itself does not download or execute code.
Credentials
note: The skill does not require credentials or config paths. It does reference the TUHUCAR_ENDPOINT env var (and suggests setting it if config is missing), which is reasonable for an HTTP gateway override — be aware that pointing that env var to an untrusted endpoint would route queries elsewhere.
Persistence & Privilege
ok: The skill does not request always:true and does not ask to change other skills' configs. It recommends not persisting session_id across conversations and not modifying config without user approval.