Back to skill
Skillv1.0.14
ClawScan security
Gws Gmail Reply All · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 31, 2026, 6:34 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- An instruction-only wrapper that calls the local 'gws' CLI to perform a Gmail reply-all; it is internally coherent but depends on a separate shared SKILL.md for authentication, so inspect that shared auth configuration before installing.
- Guidance
- This skill is a lightweight wrapper around a local 'gws' CLI and appears to do only what it says (reply-all). Before installing: 1) verify the 'gws' binary on your system (which version, where it came from, and whether you trust it). 2) Open ../gws-shared/SKILL.md (or run the recommended 'gws generate-skills' in a safe environment) to see exactly what authentication, environment variables, and scopes are required — the shared file likely contains the Gmail credentials that this command will use. 3) Confirm you are comfortable granting the gws tooling access to your Gmail account and that attachments or drafts handling meets your safety/privacy needs. If you cannot inspect the gws binary or the shared auth file, treat installation as higher risk.
Review Dimensions
- Purpose & Capability
- noteThe skill's name, description, and runtime instructions consistently describe a single purpose: invoking the 'gws' CLI to reply-all to a Gmail message. The only mismatch is that this SKILL.md does not declare any auth or environment variables itself — it delegates auth and global flags to ../gws-shared/SKILL.md (expected for shared tooling, but the required credentials/scope will be defined outside this file).
- Instruction Scope
- okAll runtime instructions are limited to invoking the 'gws' CLI with documented flags and options. The SKILL.md does not instruct reading arbitrary system files, network endpoints, or unspecified environment variables. It does instruct the user/agent to consult ../gws-shared/SKILL.md for auth and global flags.
- Install Mechanism
- okThis is an instruction-only skill with no install spec and no code files; nothing is written to disk by the skill itself. The risk surface is primarily the external 'gws' binary that must already exist on PATH.
- Credentials
- noteThis skill declares no required environment variables or credentials itself, which is proportional to an instruction-only wrapper. However, it explicitly defers authentication and global flags to ../gws-shared/SKILL.md; those external requirements may request Gmail credentials or other env vars — inspect that shared file to confirm the exact credentials and scopes requested.
- Persistence & Privilege
- okNo elevated persistence is requested (always: false). The skill is user-invocable and may be invoked autonomously by the agent per platform defaults, which is normal for skills; there are no indications it modifies other skills or system-wide settings.