Back to skill
Skillv1.0.0
ClawScan security
Coinbase Company · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignApr 28, 2026, 9:03 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- This is an instruction-only, read-only informational skill about Coinbase; its declared behavior, required resources, and runtime instructions are internally consistent and proportionate to its stated purpose.
- Guidance
- Technically this skill is coherent and low-risk: it's a static informational article with no installs, no secrets, and no instructions to access your system or external endpoints. Before installing, consider provenance — the source is unknown — and verify any critical facts (financial, legal, or technical) against official Coinbase or regulatory documents. If you do not want the agent to autonomously use this content, you can disable model invocation for skills or review the agent's skill-invocation policies; otherwise, installing this skill presents minimal technical risk.
Review Dimensions
- Purpose & Capability
- okName and description promise a company overview and analysis; the SKILL.md contains static company background, metrics, and 'read_when' triggers. There are no unrelated requirements (no creds, binaries, or installs), so requested capabilities match the stated purpose.
- Instruction Scope
- okSKILL.md is purely authored content with metadata telling the agent when to use it. It contains no commands, no references to system files/paths, and does not instruct the agent to read environment variables or transmit data to external endpoints.
- Install Mechanism
- okNo install spec and no code files—this is instruction-only. Nothing is downloaded or written to disk by the skill itself, which minimizes installation risk.
- Credentials
- okThe skill declares no required environment variables, credentials, or config paths. There is no disproportionate access requested relative to the informational purpose.
- Persistence & Privilege
- okalways is false and the skill does not request persistent or cross-skill configuration. The default ability for the agent to invoke the skill autonomously remains, which is expected for skills and not a problem here.