Skill v1.6.0
ClawScan security
Swarm · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 21, 2026, 6:34 PM
- Verdict: benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's instructions match its stated purpose (running three parallel research agents) and it has no installers or requested credentials, but it references a Claude env var and a local settings file that aren't declared — review those before use.
- Guidance: This skill appears to do what it says and has no installers or secret requests. Before installing or using it:
  1) Confirm you are comfortable with the agent reading/writing files in your project (it will write docs/research.md).
  2) Note the SKILL.md mentions CLAUDE_CODE_EXPERIMENTAL_AGENT_TEAMS and .claude/settings.json. If you don't want agent teams enabled, do not set that env var; if you do, put it in your Claude settings intentionally.
  3) The skill expects WebSearch/WebFetch and optional MCP backends (GitHub/KB/session searches); ensure you trust those integrations and that no sensitive secrets or private repo content will be crawled.
  4) If you need stricter controls, ask the author to declare the env var/config path formally in the skill metadata and to limit allowed-tools or document the exact file access the skill will perform.
Review Dimensions
- Purpose & Capability (ok): Name/description (launch 3 parallel research agents for market/users/tech) aligns with the SKILL.md instructions: spawn three teammates, use web search/fetch, synthesize into docs/research.md. No unexpected capabilities (no cloud creds, no external installers).
- Instruction Scope (note): SKILL.md explicitly instructs use of WebSearch, WebFetch, and various MCP tools and to read/write project files (write research.md to docs/). It also references checking/setting .claude/settings.json for CLAUDE_CODE_EXPERIMENTAL_AGENT_TEAMS. That file path / env var is outside the skill's declared requirements and could involve reading or editing a local config — the instructions do not automatically demand it, but they point the agent/user to it.
- Install Mechanism (ok): Instruction-only skill with no install spec and no downloads. Lowest-risk install surface: nothing is written to disk by an installer beyond the agent's normal Write/Read operations.
- Credentials (note): The skill declares no required environment variables, yet the documentation references CLAUDE_CODE_EXPERIMENTAL_AGENT_TEAMS and suggests placing it in .claude/settings.json if agent teams are needed. This is a minor mismatch — the env var itself is reasonable for enabling experimental agent teams, but it should have been declared in requires.env or otherwise documented as a prerequisite.
- Persistence & Privilege (ok): always is false, no elevated persistence requested, and the skill does not attempt to modify other skills or system-wide agent settings (it only writes its own output to docs/). Autonomous invocation is allowed by default (not a red flag on its own).
