Back to skill
Skillv1.0.0
ClawScan security
Agilent · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignApr 25, 2026, 5:02 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- This is an instruction-only, informational skill about Agilent that requests no credentials, binaries, or installs and its content matches its stated purpose.
- Guidance
- This skill is informational and appears coherent and low-risk: it asks for nothing and only provides company/market content. Note the skill's source/homepage is unspecified, so treat factual claims as unverified — do not rely on it for critical decisions without cross-checking against authoritative sources. Autonomous invocation is allowed by default on the platform (normal behavior) but does not introduce extra risk here because the skill has no network, credential, or install behavior.
Review Dimensions
- Purpose & Capability
- okThe name and description claim a company/market summary and the SKILL.md contains company history, business model, and facts — all consistent with an informational/company-briefing skill.
- Instruction Scope
- okSKILL.md is read-only, contains facts and suggested 'read_when' contexts; it does not instruct the agent to read local files, access environment variables, call external endpoints, or transmit data.
- Install Mechanism
- okNo install spec and no code files — lowest-risk configuration (instruction-only), nothing will be written to disk or downloaded during installation.
- Credentials
- okThe skill declares no environment variables, credentials, or config paths — there are no disproportionate credential requests.
- Persistence & Privilege
- okDefault invocation flags (not always:true). The skill does not request persistent system presence or modify other skills or system settings.