Skillv1.0.0

ClawScan security

Airbus Group · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

BenignApr 28, 2026, 2:02 AM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: This is an instruction-only informational skill about Airbus (history, products, numbers) with no installs, no requested credentials, and no actions outside its described purpose.
Guidance: This skill appears to be a harmless, read-only informational guide about Airbus. It doesn't request credentials nor install software, so risk is low. Before installing, consider: (1) provenance — the registry entry has no homepage and an unfamiliar owner ID, so if you need authoritative or up-to-date data prefer official sources (Airbus reports, regulatory filings); (2) accuracy — the content may be a summary or opinionated analysis and should not be relied on for operational or safety-critical decisions; (3) autonomous use — the skill can be invoked by the agent autonomously (normal for skills), so monitor behavior if you allow autonomous agents. If you require verified data or live metrics, use a skill that links to official APIs or sources.

Purpose & Capability: okThe skill name/description (Airbus Group) matches the SKILL.md content: historical background, product lines, production numbers and analysis of competitive dynamics. Nothing requested or declared (env, binaries, installs) is out of scope for an informational skill.
Instruction Scope: okSKILL.md contains only static explanatory content and 'read_when' contexts for when the agent should use it. There are no runtime commands, no references to system files/paths, and no instructions to read environment variables or transmit data externally.
Install Mechanism: okThere is no install spec and no code files. As an instruction-only skill, it does not write to disk or fetch external packages — this is the lowest-risk install model.
Credentials: okThe skill declares no required environment variables, no credentials, and no config paths. Nothing requests access to unrelated services or secrets.
Persistence & Privilege: okFlags are default: always:false, user-invocable:true, disable-model-invocation:false. Autonomous invocation is allowed (the platform default) but the skill does not request elevated or persistent privileges.