Skill v1.4.0
ClawScan security
Evaluate Agent-Native · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 16, 2026, 6:52 AM
- Verdict: Benign
- Confidence: high
- Model: gpt-5-mini
- Summary: Instruction-only evaluator that is internally consistent with its stated purpose and requests no credentials or installs; it does ask agents to read and (optionally) follow external URLs, so exercise caution before allowing autonomous execution.
- Guidance: This skill is coherent and doesn't request secrets or installs, so it's reasonable to enable for manual evaluations. However, be careful if you allow the agent to 'follow' arbitrary URLs autonomously: external onboarding docs can contain instructions that cause the agent to attempt account provisioning, credential use, or other side effects. Recommendations: (1) prefer read-only analysis of URLs rather than automatic execution; (2) require a human review/approval step before the agent performs actions it discovered; (3) sandbox or restrict tools the agent can use when testing unknown URLs; and (4) never expose real credentials or secrets while evaluating onboarding flows.
Review Dimensions
- Purpose & Capability (ok): Name and description match the SKILL.md content: the skill's goal is to evaluate 'agent-native' properties and the instructions only require reading webpages/URLs and analyzing text. No unrelated binaries, env vars, or installs are requested.
- Instruction Scope (note): SKILL.md explicitly directs agents to read service homepages, documentation, and machine-readable protocol files (e.g., SKILL.md) and even suggests the 'Read <url> and follow the instructions' pattern. That is coherent with the purpose (testing URL Onboarding) but grants the agent broad discretion to interpret and act on external instructions — a behavioral risk if the agent is allowed to execute onboarding steps autonomously.
- Install Mechanism (ok): No install spec and no code files; instruction-only skills are lowest-risk from an install perspective.
- Credentials (ok): No required environment variables, credentials, or config paths are declared or referenced in the SKILL.md — appropriate for a read/analyze evaluator.
- Persistence & Privilege (ok): 'always' is false and the skill does not request persistent presence or attempt to modify other skills or system configurations.
