Back to skill
Skillv1.0.2
ClawScan security
agkan-skills · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 9, 2026, 10:37 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill is an instruction-only reference for the agkan CLI and its requirements and instructions are consistent with that purpose (no credentials, no installs), with one minor mismatch: the registry metadata does not declare the agkan binary even though the guide assumes it exists.
- Guidance
- This skill is a CLI reference for the agkan tool and appears internally consistent. Before installing or enabling it for autonomous use, verify that the agkan binary you trust is installed on the agent host (the SKILL.md assumes agkan is available), and be aware that some commands (e.g., agkan task add --file ./spec.md) cause the agent to read local files — avoid granting access to sensitive directories or run in an isolated environment if you are unsure. No network credentials or installs are requested, so the risk profile is low.
Review Dimensions
- Purpose & Capability
- noteThe SKILL.md is a CLI reference for the agkan task manager and its commands are coherent with the described purpose. Minor mismatch: the skill metadata lists no required binaries while the guide presumes an 'agkan' CLI is available on PATH (the registry should ideally declare the binary dependency). No other unrelated capabilities or secrets are requested.
- Instruction Scope
- okInstructions are narrow and limited to using the agkan CLI and its JSON output; examples reference reading task body from a local file (--file) which is expected for a CLI tool. There are no instructions to read unrelated system files, access credentials, or post data to external endpoints.
- Install Mechanism
- okThere is no install spec (instruction-only), so nothing is downloaded or written to disk by the skill itself. This is the lowest-risk pattern for a skill that documents a CLI.
- Credentials
- okThe skill requests no environment variables, no credentials, and no config paths. That aligns with its stated role as a local CLI reference and is proportionate.
- Persistence & Privilege
- okThe skill is not marked 'always' and uses default invocation behavior. It does not request persistent system modifications or act on other skills' configs. Autonomous invocation is allowed by platform default but is not combined with any broad privileges here.