Skill v1.0.0
ClawScan security
Content Creator · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 14, 2026, 1:56 PM
- Verdict
- benign
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- Instructions, requirements, and requested actions align with a meta content-orchestration skill. The one notable risk is that it instructs the operator to use npx to fetch and run other skills (network-sourced code execution), so review the upstream packages before installing.
- Guidance
- This skill appears coherent for orchestrating writing/editing sub-skills, but it relies on npx commands that fetch and execute remote packages (clawhub and the listed skills). Before installing or running it:
  1) Inspect and pin the versions of clawhub and each upstream skill. Do not use @latest: a dist-tag can be moved to different package contents at any time, so the code that runs tomorrow need not be the code reviewed today.
  2) Review each upstream skill's manifest and readme for requested environment variables or network endpoints.
  3) Where possible, run the installation in an isolated environment (container or VM) rather than on a sensitive host.
  4) Verify the source and reputation of the clawhub package and of each listed upstream skill (owner, package contents).
  These steps reduce the supply-chain risk from remote install and update commands.
Review Dimensions
- Purpose & Capability
- ok: The skill is a meta-orchestrator that coordinates four writing/editing sub-skills. Requiring node and npx is coherent, because SKILL.md explicitly instructs using npx to install those upstream skills. No unrelated credentials, binaries, or config paths are requested.
- Instruction Scope
- ok: SKILL.md stays on-topic: it collects user inputs, prescribes a five-stage editing pipeline, and invokes named upstream skills. It does not ask to read local files, system config, or any unrelated environment variables. However, the instructions do require running network install commands (npx clawhub@latest ...), which fetch and execute remote code.
- Install Mechanism
- note: There is no formal install spec in the package, but the runtime instructions tell the operator to run npx -y clawhub@latest install <skill> and npx update --all. npx performs an on-demand network fetch and executes code from the npm registry namespace (clawhub and the listed skills); the -y flag suppresses the prompt that would otherwise ask before a package not already installed is downloaded and run. This is a common mechanism but carries moderate risk: it is remote code execution, and because @latest is a movable tag and update --all refreshes everything installed, what runs on the host changes whenever the remote package changes. Pin exact versions and audit the clawhub and upstream skill packages before running them.
- Credentials
- ok: The skill declares no required environment variables or credentials, which matches its content-creation purpose. Note that the upstream skills it installs could themselves request credentials or env vars; SKILL.md mentions an optional analyzer (ai-humanizer), so check those upstream manifests for any additional credential or env-var requirements.
- Persistence & Privilege
- ok: No elevated persistence is requested: always is false, disable-model-invocation is false (normal), and no config paths or system-wide modifications are declared. The skill does instruct installing other skills locally, but that is not the same as requesting persistent platform privileges.
