Back to skill
Skillv1.0.0
ClawScan security
Cargill · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignApr 30, 2026, 3:20 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- An instruction-only informational skill about the company Cargill; it is internally consistent and does not request extra system access or credentials.
- Guidance
- This skill is a static, read-only summary about Cargill and appears safe to install from a technical perspective. Note that the source is 'unknown' and there is no homepage — the content may be unverified or out of date (e.g., revenue/employee figures). If you need authoritative or up-to-date data, prefer official company filings, trusted news sources, or API integrations. If you plan to rely on this for decisions, verify provenance and date of the information first.
Review Dimensions
- Purpose & Capability
- okName/description match the SKILL.md content (company history, business model, analysis). There are no declared requirements that are unrelated to an informational skill.
- Instruction Scope
- okSKILL.md is static content and 'read_when' metadata only; it does not instruct the agent to read local files, environment variables, or send data externally. The instructions stay within an informational scope.
- Install Mechanism
- okNo install spec and no code files — nothing is written to disk or installed. This is the lowest-risk install pattern.
- Credentials
- okNo environment variables, credentials, or config paths are requested; the skill does not ask for secrets or unrelated access.
- Persistence & Privilege
- okalways:false and default invocation settings; the skill does not request persistent or elevated privileges and does not modify other skills or system settings.