Back to skill
Skillv1.0.0
ClawScan security
Chipotle Mexican · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignApr 28, 2026, 7:07 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- This is an instruction-only informational skill about Chipotle; its declared requirements and instructions are consistent with its stated purpose and it does not request credentials, install software, or access system resources.
- Guidance
- This skill appears internally consistent and low-risk from a security standpoint because it is instruction-only and requests no credentials or installs. Before relying on its statements, verify factual claims (e.g., revenue, store counts, CEO moves and dates) against primary sources because the SKILL.md mixes some specific facts that may be out-of-date or inaccurate. If you plan to expose sensitive data to any skill, prefer ones that explicitly document needed scopes and data handling; this one does not request any such access.
Review Dimensions
- Purpose & Capability
- okThe skill's name and description promise a business/operational analysis of Chipotle and the SKILL.md contains exactly that content. There are no unrelated required binaries, env vars, or config paths.
- Instruction Scope
- okSKILL.md is purely an informational article/briefing. It does not instruct the agent to run shell commands, read local files, contact external endpoints, or exfiltrate data. No scope creep detected.
- Install Mechanism
- okNo install spec and no code files — lowest-risk, instruction-only skill. Nothing is written to disk or downloaded at install time.
- Credentials
- okThe skill requires no environment variables, credentials, or config paths. No disproportionate access is requested.
- Persistence & Privilege
- okDefaults (always: false, user-invocable, model invocation enabled) are appropriate for an informational skill. The skill does not request permanent presence or elevated privileges.