Skill v1.0.12

ClawScan security

Recipe Create Presentation · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Mar 31, 2026, 6:36 PM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill's actions (creating and sharing a Google Slides file) match its description, but it fails to declare or explain required Google credentials and sharing impacts, so its requirements are incomplete and potentially risky.
Guidance
This recipe will run the gws CLI to create a Google Slides file and then grant writer access to team@company.com. Before installing or using it:
- Verify you trust the gws binary (where it came from) and that it is configured with the correct Google account and OAuth scopes; the skill does not declare required credentials.
- Replace the placeholder email (team@company.com) with the intended recipient(s) — otherwise you may unintentionally share documents.
- Consider running the gws commands manually once to confirm behavior and to see what credentials and scopes are used.
- Ensure the dependent skill (gws-slides) is legitimate and that gws is installed from a trusted source.
If the skill will be used autonomously, be cautious because it can create and share documents without interactive confirmation.

Review Dimensions

Purpose & Capability
note: Name/description align with the instructions: it uses the gws CLI to create a Slides presentation and then set Drive permissions. The declared required binary (gws) and dependency on a gws-slides skill are coherent with this purpose.
Instruction Scope
concern: SKILL.md instructs the agent to run gws commands to create a presentation and to share it with team@company.com. It does not mention where credentials come from, who must approve sharing, or confirm substitution of PRESENTATION_ID. The hard-coded sharing step (writer access to team@company.com) is notable and could expose data if left unchanged.
Install Mechanism
ok: Instruction-only skill with no install spec and no code files — nothing is written to disk by the skill itself. This reduces supply-chain risk, but the skill depends on an external gws binary already present.
Credentials
concern: The skill declares no required environment variables or credentials, but the gws commands will need Google API credentials/authorization and Drive permissions to create presentations and add permissions. Those credentials and OAuth scopes are not documented, which is an omission that affects security and usability.
Persistence & Privilege
ok: always is false and the skill is user-invocable only. The skill does not request persistent system-wide changes in its spec; no elevated persistence is requested.