Back to skill
Skillv1.0.0
ClawScan security
Mandarin Oriental · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignApr 16, 2026, 8:01 AM
- Verdict
- benign
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- This is a read-only, instruction-only skill that provides Mandarin Oriental brand and history information; it requests no credentials or installs and appears internally consistent, though the source provenance is unknown and some factual claims should be independently verified.
- Guidance
- This skill is low-risk from a technical-permission perspective: it's instruction-only, asks for no credentials, and has no install steps. Before installing, consider two practical points: (1) provenance — the skill lists an unknown source and no homepage; if you care about trustworthiness, prefer skills from known publishers or request more metadata from the author; (2) factual accuracy — the SKILL.md makes many historical and corporate claims (founder, dates, stock code, revenue, etc.); treat these as content that may be imperfect and verify any facts you plan to rely on. If you are uncomfortable with automatic invocation by agents, disable autonomous invocation or only use the skill on demand.
Review Dimensions
- Purpose & Capability
- okThe skill name and description match the SKILL.md content (brand history, service philosophy, flagship hotels). There are no unexpected requirements (no env vars, binaries, or installs) that would be inconsistent with an informational / reference skill.
- Instruction Scope
- okSKILL.md is purely declarative content and read_when triggers for when to use it. It does not instruct the agent to read local files, access environment variables, call external endpoints, or collect/transmit user data beyond serving brand information.
- Install Mechanism
- okNo install specification and no code files are present (instruction-only), so nothing is written to disk or executed during installation.
- Credentials
- okThe skill requires no environment variables, credentials, or config paths. The lack of secrets or external-service credentials is proportional to an informational skill.
- Persistence & Privilege
- noteThe skill uses default platform settings (always: false, agent-autonomous invocation allowed). Autonomous invocation is normal for skills, but because the skill's source/homepage is unknown, consider whether you are comfortable allowing an externally authored skill to be invoked by agents automatically.