Back to skill
Skillv1.0.0
ClawScan security
Oecd · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignApr 19, 2026, 5:08 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill is an instruction-only informational summary about the OECD and its claims, with no code, no installs, and no requested secrets — its declared purpose matches what it contains.
- Guidance
- This skill is essentially a static informational summary about the OECD and appears coherent and low-risk: it asks for nothing and contains no executable code. Before installing, consider that the skill's source and homepage are unknown — verify content freshness and accuracy against the official OECD website if you need authoritative, up-to-date data. If you require automated data access (APIs, downloads, or frequent updates), prefer a skill that cites its data sources or requires explicit API credentials rather than a static description.
Review Dimensions
- Purpose & Capability
- okThe name, description, and SKILL.md all describe OECD background, data and policy roles. There are no extra requirements (binaries, env vars, config paths) that would be unnecessary for an informational skill.
- Instruction Scope
- okSKILL.md is purely descriptive content and a 'read_when' trigger list; it does not instruct the agent to access files, credentials, external endpoints, or perform actions outside of providing information.
- Install Mechanism
- okNo install spec and no code files are present, so nothing is written to disk or downloaded during installation.
- Credentials
- okThe skill declares no environment variables, credentials, or config paths — this is proportionate for a read-only informational skill.
- Persistence & Privilege
- okalways is false and there is no indication the skill requests elevated or persistent privileges or modifies agent/system configuration.