Skillv1.0.0

ClawScan security

Boardgame Picker · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

BenignApr 15, 2026, 11:03 AM

Verdict: benign
Confidence: medium
Model: gpt-5-mini
Summary: The skill's code and instructions are coherent with its stated purpose (suggesting board‑game categories) and it does not request credentials, external installs, or unusual system access.
Guidance: This skill appears self-contained and consistent with its purpose: it parses user inputs and returns category recommendations. Before installing, you can (1) quickly scan the remainder of handler.py (the file in the package) for any network calls (requests, urllib, socket) or subprocess/os.exec usage — none are visible in the excerpt; (2) confirm there are no post-install scripts or hidden install specs in the package; and (3) note that the skill can be invoked autonomously by agents by default, but given it requests no credentials or external access, that is low risk. If you want higher assurance, run the included tests in an isolated environment to confirm behavior.

Purpose & Capability: okName/description, SKILL.md, and handler.py all focus on mapping table parameters (players, time, mood, experience) to board‑game categories. There are no unrelated credentials, binaries, or config paths required.
Instruction Scope: okSKILL.md is dialogue-based and limited to collecting inputs and returning category recommendations and quick-start guidance. The handler reads SKILL.md for metadata (expected) and otherwise processes only the provided input; there are no instructions to read unrelated system files or exfiltrate data.
Install Mechanism: okNo install specification; this is effectively an instruction+local Python handler. No downloads, package installs, or external installers are declared.
Credentials: okThe skill declares no required environment variables, credentials, or config paths. The code shown does not access environment secrets or external credential stores.
Persistence & Privilege: okSkill flags are default (always: false, user-invocable true). It does not request permanent presence or elevated platform privileges.