Skillv1.0.12

ClawScan security

Recipe Draft Email From Doc · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

BenignMar 31, 2026, 6:36 PM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: The skill's requirements and instructions match its stated purpose (reading a Google Doc and drafting/sending a Gmail message); nothing in the recipe requests unrelated access or installs unexpected components.
Guidance: This recipe is coherent for its stated purpose, but before installing: 1) confirm you trust the gws CLI and the referenced gws-docs/gws-gmail skills, because those components will require Google account authorization (check what OAuth scopes they request). 2) Be careful with document selection and the recipient address—the recipe, as written, sends the doc content directly with no preview step and could leak sensitive information. 3) Test with a non-sensitive document and a test recipient first. 4) If you want safety, add an explicit confirmation/preview step before sending.

Purpose & Capability: okThe skill says it will read a Google Doc and use it as a Gmail message body; the SKILL.md calls the gws CLI and references gws-docs and gws-gmail skills—these are appropriate and proportional to the stated purpose.
Instruction Scope: noteInstructions are narrowly scoped to calling the gws docs get command and then sending mail via gws gmail. One operational note: the recipe directly sends email with the doc content (no preview/confirmation step in the instructions), which could cause accidental disclosure of sensitive document contents if used without care.
Install Mechanism: okThis is an instruction-only skill with no install spec or downloaded code, so nothing is written to disk by the skill itself.
Credentials: noteThe skill declares no env vars (appropriate). However, the referenced gws-docs and gws-gmail skills and the gws CLI will require Google credentials/authorization at runtime (OAuth tokens/scopes). Those credentials are expected for this functionality but are not shown here; users should verify the scopes requested by the underlying gws-related skills.
Persistence & Privilege: okalways is false and the skill is user-invocable; it does not request persistent system privileges or modify other skills' configs.