Skill v1.1.0
ClawScan security
student-rooms · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 8, 2026, 1:14 PM
- Verdict: benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's instructions, declared requirements, and purpose are internally consistent for a CLI-based student accommodation scanner; however, the package provides no code or install instructions and has no provenance, so you should verify the external CLI/source before running anything it suggests.
- Guidance: This skill is an instruction-only guide for using a separate 'student-rooms' CLI; the skill package itself contains no code. Before using: 1) Verify and obtain the student-rooms CLI from a trusted source (GitHub/org/release) — do not run arbitrary Python modules you downloaded from unknown places. 2) If you enable notifications, only provide tokens (Telegram bot token, webhook URL, OpenClaw access) to the installed tool and store them securely. 3) Be aware the tool scrapes provider sites and may store local state (seen-options) — run it in an isolated environment (virtualenv/container) if you are concerned. 4) If you plan to use OpenClaw integration, confirm what the CLI will send to OpenClaw (message vs agent mode) to avoid leaking more context than intended.
Review Dimensions
- Purpose & Capability (ok): Name/description (search/monitor Yugo & Aparto) matches the CLI commands and features documented in SKILL.md (discover, scan, watch, probe-booking, notifications). The declared absence of required binaries/env vars is consistent with this being an instruction-only skill that expects an external student-rooms CLI to already exist.
- Instruction Scope (note): SKILL.md tells the agent to run python -m student_rooms and to read/write a config.yaml in the tool's directory; it does not instruct reading unrelated system files or exfiltrating secrets. However it assumes a local codebase/virtualenv and persistent storage for seen-options; the skill does not supply or fetch that code, so the instructions will only work if the external CLI is present.
- Install Mechanism (ok): No install spec or downloads are present (instruction-only). This minimizes direct supply-chain risk from the skill package itself but places the burden on the user to obtain the student-rooms CLI from a trustworthy source.
- Credentials (ok): The skill declares no required environment variables. Notification backends (telegram webhook, openclaw) will require tokens/URLs if used — that is proportional to the notification feature and is documented in SKILL.md. No unrelated credentials or system paths are requested.
- Persistence & Privilege (ok): The skill is not forced-always and has no special persistence or system-wide configuration changes documented. It references local persistence for seen-options in the external CLI, which is expected for a watcher.
