Skillv1.0.12

ClawScan security

Persona Event Coordinator · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignMar 31, 2026, 6:35 PM

Verdict: benign
Confidence: medium
Model: gpt-5-mini
Summary: The skill's declared requirements and runtime instructions match its stated purpose (event planning via the gws helper and related gws-* utility skills); nothing in the SKILL.md asks for unrelated secrets or system access — but provenance is minimal and the functionality depends on external gws utilities, so review those before installing.
Guidance: This skill is internally coherent for event coordination, but it is instruction-only and depends on an external 'gws' binary and several gws-* utility skills. Before installing or enabling it: 1) Verify the provenance and integrity of the 'gws' binary (where it comes from and what it can do). 2) Inspect the gws-calendar, gws-gmail, gws-drive, gws-chat, and gws-sheets skills to see what credentials they require and what scopes they request (least-privilege). 3) Prefer using test or limited-permission Google accounts first. 4) If you cannot verify the source of gws or the helper skills, treat this as higher risk despite the skill itself being instruction-only.

Review Dimensions

Purpose & Capability: okThe name/description (event scheduling, invitations, logistics) align with the actual instructions: create calendar entries, upload Drive files, send Gmail invites, post to Chat, and append Sheets. The declared dependency on the gws binary and the listed gws-* utility skills (gws-calendar, gws-gmail, gws-drive, gws-chat, gws-sheets) is coherent with the stated purpose.
Instruction Scope: okSKILL.md limits actions to calling gws subcommands and workflows for calendar, drive, gmail, chat, and sheets. It does not instruct reading arbitrary host files, accessing unrelated env vars, or transmitting data to unknown endpoints. The persona explicitly requires those utility skills; runtime behavior is bounded to those integrations.
Install Mechanism: okThere is no install spec and no code files — this is instruction-only. That minimizes on-disk execution risk. The only runtime requirement is an existing 'gws' binary and the referenced helper skills.
Credentials: noteThe skill itself requests no environment variables or credentials, which is consistent. However, it depends heavily on the gws binary and the gws-* utility skills to perform actions that normally require Google Workspace credentials. Verify those helper skills and the gws binary separately: they are the components that will need credentials and broad access to mail/calendar/drive/sheets/chat.
Persistence & Privilege: okThe skill does not request always:true, does not declare config paths, and is not installing persistent components itself. Autonomous invocation is allowed by default (platform behavior) but this skill does not increase privilege beyond that.