Skill v1.7.0

ClawScan security

Cai Gun Gun · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 28, 2026, 3:15 AM
Verdict: benign
Confidence: medium
Model: gpt-5-mini
Summary
The skill's files and instructions are coherent with a local personal bookkeeping helper: it runs a bundled Python script and stores data in a local data/ directory with no declared external credentials or installs.
Guidance
This skill appears to be a self-contained, local personal bookkeeping helper that executes the included Python script and stores data in a data/ folder inside the skill. Before installing or running it: 1) review the entire scripts/tracker.py file for any network calls (requests/urllib/socket) or subprocess/os.system usage that would access the network or arbitrary filesystem locations — the portion provided shows only local JSON I/O but the file was partially truncated; 2) back up any important data before using export/import features; 3) because the source and homepage are unknown, prefer running it in a sandboxed environment if you are unsure (or inspect the full script yourself); and 4) if you need stronger assurances, ask the publisher for source hosting or a reproducible build so you can audit the code fully.

Review Dimensions

Purpose & Capability
Status: ok
Name/description (personal finance tracker) match the requested artifacts: an included Python script (scripts/tracker.py) and SKILL.md that instructs the agent to run that script. There are no unrelated env vars, binaries, or external services declared. The feature set (add/delete/query/export/report/multi-user) aligns with a local ledger script.
Instruction Scope
Status: ok
SKILL.md instructs the agent to parse natural-language entries and invoke the local Python script (python scripts/tracker.py ...) to add/delete/export/report. The skill states data is stored locally under the skill's data/ directory. The instructions do not request reading other system config/credentials or transmitting data to external endpoints.
Install Mechanism
Status: ok
There is no install spec (instruction-only plus a bundled script). Nothing is downloaded or written to atypical system locations by an install step. Running the included Python script is the expected mechanism.
Credentials
Status: ok
The skill declares no required env vars, credentials, or config paths. The script (as reviewed) reads/writes JSON files under a local data/ directory. No requests for unrelated secrets or cloud credentials were found in the provided content.
Persistence & Privilege
Status: ok
Flags show always:false and normal autonomous invocation permitted. The skill stores only local files within its own data/ directory. It does not request to modify other skills or system-wide configuration in the reviewed content.