Skill v1.0.0
ClawScan security
Cocktail Boy · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 8, 2026, 4:36 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill is a self-contained, instruction-only cocktail lookup tool whose files and behavior are coherent with its claimed purpose; no secrets, network calls, or risky installs are present, though there are minor documentation/file-path inconsistencies and optional shell RC suggestions to note.
- Guidance
- This skill appears to do what it says: local CSV-based cocktail search and recommendations via simple bash scripts. Before installing or enabling it: 1) note the minor documentation mismatch (skill.json claims scripts/cocktail-boy which is not in the package) — fix or verify the intended entrypoint; 2) inspect scripts/query.sh yourself (it's short, uses awk/grep/cut/shuf) to confirm you’re comfortable running them; 3) do not blindly paste any suggested ~/.bashrc lines — if you want a shortcut, add it manually after review; 4) run demo.sh in a sandbox or with stdout/stderr visible to confirm behavior; and 5) because the skill can be invoked autonomously by agents (platform default), only enable it for agents you trust. Overall there are no secrets, network calls, or obscure installers in this package.
Review Dimensions
- Purpose & Capability
- note: The name/description (cocktail lookups/recommendations) matches the included CSV database and the shell scripts that search it. Minor inconsistencies: skill.json lists a main executable at scripts/cocktail-boy which is not present in the file manifest, and SKILL.md/README reference varying database paths (cocktail-db/rohan_cocktails.csv vs data/rohan_cocktails.csv). These look like bookkeeping/documentation mistakes rather than malicious mismatches.
- Instruction Scope
- note: SKILL.md instructs the agent to run the local scripts/query.sh against the included CSV. The scripts only read the local CSV and print results; they do not access network resources or other system credentials. SKILL.md mentions optionally adding a shortcut to ~/.bashrc — this is an out-of-band suggestion (persistence-ish) but not implemented in install files. No instructions request unrelated system files or secrets.
- Install Mechanism
- ok: No install spec and no external downloads are present. This is an instruction-only skill with local shell scripts and an included CSV — lowest-risk install profile.
- Credentials
- ok: The skill declares no required environment variables, credentials, or config paths. The scripts use $HOME to compute their local skill path, which is normal. There are no requests for tokens, keys, or unrelated service credentials.
- Persistence & Privilege
- note: always is false and the skill is user-invocable; it can be invoked autonomously by the agent (platform default). SKILL.md mentions optionally adding a shortcut to ~/.bashrc, which could create a convenience alias if a user chooses to do so — but no installer automatically modifies shell RC files in the provided package.
