Skillv1.0.12

ClawScan security

Recipe Share Folder With Team · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

BenignMar 31, 2026, 6:37 PM

Verdict: Benign
Confidence: high
Model: gpt-5-mini
Summary: The recipe is internally consistent: it simply invokes the gws CLI (and depends on the gws-drive skill) to list a folder and create Drive permissions; it does not request unrelated credentials or perform unexpected actions.
Guidance: This recipe appears to be what it says — it runs the gws CLI to share a Drive folder. Before installing or using it: 1) confirm you have a trusted gws CLI and the gws-drive skill installed and that you understand how they authenticate (which account will be used); 2) verify the exact email addresses and roles you intend to grant (writer vs reader) to avoid accidental data exposure; 3) test on a non-sensitive folder first; and 4) review the provenance of the gws-drive skill (publisher/source) since this recipe delegates Drive access to that tool. If you need the agent to prompt for confirmation before making changes, add an explicit confirmation step to avoid accidental sharing.

Purpose & Capability: okThe skill's name/description match the actions in SKILL.md. It requires the gws binary and the gws-drive skill, which are the expected tools for manipulating Google Drive. There are no unrelated binaries, config paths, or unexplained permissions requested.
Instruction Scope: okThe instructions are narrowly scoped: list a folder, create permission entries for specific email addresses, and verify permissions. They do not instruct reading arbitrary system files, accessing unrelated environment variables, or sending data to external endpoints other than the gws CLI (which will talk to Google Drive). The file ID is a placeholder the agent must replace; the recipe expects the gws-drive skill to handle authentication.
Install Mechanism: okThis is an instruction-only skill with no install spec or downloads. That is low risk — it relies on an existing gws CLI installation rather than fetching code.
Credentials: noteNo environment variables or credentials are declared here, which is reasonable for a recipe that delegates auth to the gws/gws-drive tooling. Users should, however, verify where authentication is managed (the gws or gws-drive skill) and ensure that no hidden credential requirements exist there.
Persistence & Privilege: okalways:false and normal invocation. The skill does not request persistent system changes or modify other skills' configs. Its effects are limited to changing Drive sharing settings via the gws CLI.