Back to skill
Skillv1.0.0
ClawScan security
Allianz · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignApr 19, 2026, 8:49 AM
- Verdict
- Benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- This is an instruction-only informational skill about Allianz (company profile); its declared inputs, instructions, and privileges are consistent with that purpose.
- Guidance
- This skill is an informational company profile and appears internally consistent and low-risk. Before installing, confirm you trust the source (source is unknown here) and be aware that facts/figures (AUM, revenues, timelines) may be out of date or imprecise—verify against Allianz's official filings or reputable financial sources if you need authoritative data. If you plan to use the agent for investment decisions, require citations and current financial statements rather than relying solely on this static summary.
Review Dimensions
- Purpose & Capability
- okThe name and description promise a corporate profile of Allianz; the skill contains only descriptive content and read_when triggers for company/industry queries. There are no unrelated environment variables, binaries, or config paths requested — nothing disproportionate to an informational/company-profile skill.
- Instruction Scope
- okSKILL.md is a static company profile and a short list of conditions when the agent should read it (e.g., queries about Allianz, competitive analysis, investment prep). It does not instruct the agent to read local files, environment variables, or transmit data to external endpoints. There is no scope creep.
- Install Mechanism
- okNo install specification or code files are present; this is instruction-only, so nothing is written to disk or installed. This is the lowest-risk install profile.
- Credentials
- okThe skill declares no required environment variables, credentials, or config paths. No sensitive access is requested and nothing appears unjustified for a documentation/profile skill.
- Persistence & Privilege
- okFlags show always:false and user-invocable:true. Model invocation is permitted (the platform default) but the skill does not request elevated or persistent system privileges. Nothing modifies other skills or system-wide settings.