Skillv1.0.0

ClawScan security

Astrazeneca Plc · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

BenignApr 29, 2026, 7:02 PM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: This is an instruction-only company profile about AstraZeneca; its content, requirements, and behavior are internally consistent and proportional to the stated purpose.
Guidance: This skill is an informational profile and appears safe to install from a technical perspective. Before using it for critical decisions, confirm the provenance and accuracy (source is unknown and no homepage is provided). If you need current financials or regulatory details, cross-check against official AstraZeneca filings or trusted news sources. Note that although the skill can be invoked autonomously by the agent (default behavior), it asks for no credentials or system access.

Purpose & Capability: okName/description (AstraZeneca company profile) match the SKILL.md contents: background, products, pipeline, and competitive analysis. The skill declares no binaries, env vars, or installs, which is appropriate for a read-only informational skill.
Instruction Scope: okSKILL.md contains only static informational text and a short 'read_when' list describing contexts where the content is useful. There are no runtime commands, file reads, network calls, or instructions to access unrelated system data.
Install Mechanism: okNo install spec and no code files — nothing is written to disk or downloaded. This is the lowest-risk installation model and matches the skill's informational purpose.
Credentials: okThe skill requests no environment variables, credentials, or config paths. There is no disproportionate access requested relative to its described function.
Persistence & Privilege: okFlags are default (not always:true). The skill does not request persistent or elevated privileges, and contains no instructions to modify agent/system configuration.