Back to skill
Skillv1.3.3
ClawScan security
Product Hunt Playbook · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignApr 27, 2026, 5:36 AM
- Verdict
- Benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- This is an instruction-only marketing/playbook skill about Product Hunt launches; it requests no credentials, has no install steps or code, and its requirements line up with its stated purpose.
- Guidance
- This skill is a read-only playbook and is internally consistent with its description. Before using tactics from the guide, review them for ethical and Product Hunt policy compliance — especially any "anti-spam avoidance" advice that could cross into rule-evading behavior. If you follow external links (GitHub repos or Gumroad), inspect those resources before installing or paying for anything. Because this is documentation-only, there is no credential risk from installing the skill itself, but exercising the suggested tactics could have reputational or platform-policy consequences.
Review Dimensions
- Purpose & Capability
- okThe skill is a playbook/guide for Product Hunt launches and its SKILL.md contains marketing, tactical guidance, links to related resources, and paid offerings. It requests no binaries, env vars, or config paths — which is appropriate for a documentation-only skill.
- Instruction Scope
- noteThe SKILL.md is purely guidance and promotion (hour-by-hour tactics, ranking analysis, anti-spam avoidance notes, links to GitHub and Gumroad). It does not instruct the agent to read files, access environment variables, or call external APIs. One caution: the document includes an "anti-spam avoidance" section which could contain tactics that attempt to evade Product Hunt rules — that is an ethical/platform-compliance concern rather than a technical coherence/security issue.
- Install Mechanism
- okNo install spec and no code files are present. This minimizes risk because nothing will be written to disk or executed automatically by the agent if installed.
- Credentials
- okThe skill declares no required environment variables, credentials, or config paths. There is no disproportionate request for secrets or unrelated credentials.
- Persistence & Privilege
- okThe skill is not forced-always; it is user-invocable and allows normal autonomous invocation. It does not request persistent system privileges or attempt to modify other skills or system-wide settings.