Back to skill
Skillv1.0.0
ClawScan security
Jp Morgan · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMay 1, 2026, 3:04 AM
- Verdict
- Benign
- Confidence
- high
- Model
- gpt-5.5
- Summary
- This is an instruction-only informational profile about JPMorgan Chase with no code, install steps, credentials, or data access.
- Guidance
- This appears safe to install as an informational skill. As with any reference content, users may want to verify factual claims independently, but there is no artifact-backed security concern.
Review Dimensions
- Purpose & Capability
- okThe skill’s stated purpose is company/background research, and the SKILL.md content is limited to informational JPMorgan Chase history, business model, and key facts.
- Instruction Scope
- okRuntime instructions only define when the skill should be read; they do not direct tool use, account access, command execution, or user-impacting actions.
- Install Mechanism
- okThere is no install specification and no code files, so the artifact set does not introduce package, script, or dependency risk.
- Credentials
- okThe skill declares no required binaries, environment variables, credentials, config paths, or OS-specific access, which is proportionate for an informational reference skill.
- Persistence & Privilege
- okNo persistence, background behavior, privilege escalation, credential handling, or mutation authority is evidenced in the artifacts.