Skillv1.0.12

ClawScan security

Gws Workflow Weekly Digest · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

BenignMar 31, 2026, 6:35 PM

Verdict: benign
Confidence: medium
Model: gpt-5-mini
Summary: The skill is an instruction-only wrapper that calls a gws CLI to produce a weekly calendar + unread-email summary and its declared requirements match that purpose, but it relies on an external gws-shared auth document (not included) and the skill source is unknown — you should verify the gws tool and the shared auth before installing.
Guidance: This skill itself is a small wrapper that runs the 'gws' CLI to fetch a weekly agenda and unread-email counts. Before installing: (1) inspect the referenced ../gws-shared/SKILL.md to see what auth it requires and what OAuth scopes or tokens it asks you to provide (Gmail/Calendar scopes can be sensitive); (2) verify the provenance and integrity of the 'gws' binary you will run (is it from a trusted vendor/repo?); (3) confirm the read-only claim by reviewing gws-shared and any global flags, and consider running it first in a test account with least-privilege credentials; and (4) be cautious because the skill source/homepage is unknown — lacking that provenance lowers confidence.

Purpose & Capability: okName/description match the single required binary 'gws' and the SKILL.md only documents running 'gws workflow +weekly-digest' to combine calendar and Gmail data — the requested capability aligns with the stated purpose.
Instruction Scope: noteThe runtime instructions are narrow (invoke the gws CLI). They refer to a prerequisite ../gws-shared/SKILL.md for auth and global flags; that external dependency is not included here, so the operational scope (especially auth behavior) is delegated elsewhere and should be inspected.
Install Mechanism: okInstruction-only skill with no install spec or code files — nothing is written to disk by the skill itself.
Credentials: noteThis skill declares no required environment variables, but it explicitly defers auth to ../gws-shared/SKILL.md. That file (not present) likely requests Google OAuth credentials or service-account tokens granting Gmail/Calendar access; the lack of explicit credential declarations reduces transparency and should be checked.
Persistence & Privilege: okalways:false and no install actions — the skill does not request permanent presence. Standard autonomous invocation is allowed (platform default); combined with delegated Google credentials this means the agent could access emails/calendar if granted those scopes.