Skill v1.0.1

ClawScan security

Sainsburys · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 23, 2026, 9:26 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
This is an instruction-only, read-only skill that provides a static company profile of Sainsbury's and does not request credentials, install software, or perform any system access — its declared purpose matches its content.
Guidance
This appears to be a safe, read-only content skill that provides a company profile of Sainsbury's. Before installing, consider: (1) provenance — the source/homepage is unknown, so verify accuracy if you rely on the data; (2) copyright/licensing if you plan to republish the text; and (3) default agent behavior — the platform allows autonomous invocation by default, but this skill has no network/credential access and poses minimal risk. If you require verifiable sourcing or up-to-date financial figures, prefer an official or referenced data source.

Review Dimensions

Purpose & Capability
ok
The skill's name and description match the SKILL.md content (a company history/analysis of Sainsbury's). It declares no extra requirements (no binaries, env vars, or config paths) that would be inconsistent with a documentation-style skill. Minor metadata mismatch: registry version 1.0.1 vs SKILL.md version 0.1.0, but this is a bookkeeping issue rather than a security concern.
Instruction Scope
ok
The SKILL.md contains static text (history, business model, metrics, read_when contexts) and does not instruct the agent to read local files, access environment variables, perform network calls, or transmit data to external endpoints. The 'read_when' hints are scoped to topical uses (e.g., comparing supermarket strategies).
Install Mechanism
ok
No install specification or code files are present; this is instruction-only content. That is the lowest-risk install model — nothing is written to disk or fetched at install time.
Credentials
ok
The skill requests no environment variables, credentials, or config paths. There are no secrets or unrelated credentials required, which is proportionate for a documentation skill.
Persistence & Privilege
ok
always:false and user-invocable:true (defaults). The skill does not request persistent presence or attempt to modify other skills or system settings. Autonomous invocation is permitted by platform default but the skill itself has no privileges or credential access that increase risk.