Back to skill
Skillv1.0.0
ClawScan security
Schwab · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignApr 17, 2026, 3:25 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill is internally consistent with its stated purpose (providing Charles Schwab company information); it is instruction-only, requires no credentials or installs, and does not ask for system access.
- Guidance
- This skill appears safe to install from a security standpoint because it only contains static informational instructions and requests no permissions or installs. Two non-security points to keep in mind: (1) the SKILL.md provides numerical/financial figures without citations or timestamps — verify important numbers against official filings or Schwab's investor relations for accuracy and freshness; (2) the skill's source/homepage are unspecified — if provenance matters to you, prefer skills that cite sources or official pages. Otherwise there are no red flags requiring credentials or system access.
Review Dimensions
- Purpose & Capability
- okName, description and SKILL.md all describe providing background, history, business structure and financial/competitive analysis of Charles Schwab. The skill requests no binaries, environment variables, or installs — which is proportionate for a read-only informational skill.
- Instruction Scope
- okSKILL.md contains only topical content and triggers ('read_when') for when to provide Schwab-related information. It does not instruct the agent to read local files, access credentials, call external endpoints, or transmit data outside the agent. No scope creep detected.
- Install Mechanism
- okNo install spec and no code files are present (instruction-only). This is the lowest-risk model and matches the skill's informational purpose.
- Credentials
- okThe skill declares no required environment variables, credentials, or config paths. There are no unnecessary secrets requested.
- Persistence & Privilege
- okalways is false and the skill is user-invocable only. It does not request persistent privileges or to modify other skills or system settings.