Back to skill
Skillv1.0.0
ClawScan security
Amazon Prime · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignApr 23, 2026, 9:07 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- This is an instruction-only, read-only informational skill about Amazon Prime; it asks for no credentials, installs, or system access and its content matches its name and description.
- Guidance
- This skill is a simple informational document and appears internally consistent. It's low-risk because it asks for nothing and contains no executable install steps. If you care about provenance, note the skill's source/homepage are missing and the registry owner ID is unknown; if that matters for trust, prefer skills that link to an official source or repository before installing.
Review Dimensions
- Purpose & Capability
- okThe SKILL.md is a factual/analytical write-up about Amazon Prime and matches the skill name/description. The skill declares no capabilities or external integrations that would be inconsistent with an informational summary.
- Instruction Scope
- okSKILL.md contains static content and 'read_when' hints; it does not instruct the agent to run commands, access files, environment variables, or external endpoints. There is no scope creep in the runtime instructions.
- Install Mechanism
- okNo install spec and no code files are present. Nothing will be written to disk or fetched at install time.
- Credentials
- okNo environment variables, credentials, or config paths are requested. The skill does not ask for any sensitive information.
- Persistence & Privilege
- okalways is false and the skill is user-invocable (normal defaults). It does not request persistent system-level privileges or modify other skills' configs.