Back to skill
Skillv1.0.0
ClawScan security
Swarovski · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignApr 17, 2026, 8:56 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- This is an instruction-only brand guide for Swarovski; its requested footprint (no installs, no env vars, no binaries) matches its stated purpose and contains no suspicious instructions.
- Guidance
- This skill is low-risk and internally coherent: it only contains a static brand guide and asks for no credentials or installs. Two practical cautions before installing: (1) the skill's source and homepage are unknown — if you need authoritative or up-to-date corporate facts (for legal, commercial, or publication use), verify details against Swarovski's official site or primary sources; (2) be mindful of trademark/copyright restrictions if you plan to republish content. If you require verifiable or commercial-grade data, prefer skills with a known maintainer or an official data source.
Review Dimensions
- Purpose & Capability
- okThe skill name and description promise Swarovski brand information and the SKILL.md is exactly that — a brand history, product matrix, and notes on craftsmanship and sustainability. There are no unexpected requirements (no credentials, binaries, or config paths).
- Instruction Scope
- okRuntime instructions are limited to serving as a brand guide (read_when triggers are reasonable). The document does not instruct the agent to read unrelated files, access environment variables, call external endpoints, or exfiltrate data.
- Install Mechanism
- okNo install specification or code files are present (instruction-only). Nothing will be written to disk or downloaded at install time.
- Credentials
- okThe skill requests no environment variables, credentials, or config paths — this is proportionate for a static informational skill.
- Persistence & Privilege
- okalways is false and the default autonomous invocation is allowed (platform default). The skill does not request elevated or persistent privileges or attempt to modify other skills or system settings.