Skillv1.0.0

ClawScan security

Skittles · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

BenignApr 22, 2026, 12:07 PM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: This is an instruction-only, informational skill about the Skittles candy brand; it requests no installs, credentials, or file access and its contents match the declared purpose.
Guidance: This skill is informational only and appears safe — it has no installs, no code, and requests no credentials. The only small inconsistency is the 'trigger: always_on' line inside SKILL.md versus the registry's always:false flag; confirm how your platform treats that tag if you are concerned about a skill remaining active or being auto-invoked. As with any skill, avoid installing ones that do request credentials, external downloads, or commands you don't expect.

Purpose & Capability: okName, description, and SKILL.md content are coherent: the skill provides background and marketing/history content about Skittles and does not request unrelated resources or permissions.
Instruction Scope: noteSKILL.md contains only descriptive material and suggested research use-cases; it does not instruct the agent to run commands, read files, or call external services. Minor inconsistency: the file begins with 'trigger: always_on' while the registry metadata shows always: false — this appears to be a documentation/meta tag in the skill content rather than an executed install step, but you may want to confirm how your platform interprets that field.
Install Mechanism: okNo install spec and no code files — nothing will be written to disk or downloaded during install.
Credentials: okNo environment variables, credentials, or config paths are requested; the skill does not ask for unrelated secrets or access.
Persistence & Privilege: okRegistry flags show always: false and default autonomous invocation allowed (disable-model-invocation: false). That default is normal; the skill does not request permanent presence or modify other skills/configs.