Back to skill
Skillv1.0.0
ClawScan security
Intuit Inc · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignApr 23, 2026, 2:05 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- This is an instruction-only, informational skill summarizing Intuit; it requires no installs, credentials, or privileged access and is internally consistent with its stated purpose.
- Guidance
- This appears to be a safe, read-only informational skill about Intuit. Before relying on it for decisions, verify any facts (financial metrics, legal/regulatory claims) against authoritative sources because the SKILL.md has no source citations and may become out of date. If you expect the agent to perform account-specific or transactional tasks (e.g., access QuickBooks/TurboTax), prefer a skill that explicitly declares the required API credentials and official endpoints.
Review Dimensions
- Purpose & Capability
- okThe skill's name/description (Intuit company overview) matches the SKILL.md content (history, business model, metrics). It declares no unrelated requirements.
- Instruction Scope
- okSKILL.md contains only descriptive guidance and a short 'read_when' list for when to consult it. It does not instruct the agent to read files, access environment variables, call external endpoints, or perform actions outside an informational scope.
- Install Mechanism
- okNo install spec and no code files are present (instruction-only), so nothing is written to disk or fetched at install time.
- Credentials
- okThe skill declares no required environment variables, credentials, or config paths. No sensitive access is requested or implied.
- Persistence & Privilege
- okalways is false and the skill is user-invocable; autonomous invocation is allowed (platform default) but the skill itself does not request elevated persistence or modify other skill/system configs.