Skill v1.0.0

ClawScan security

Capital Expenditure Planner · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 19, 2026, 5:46 AM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: The skill's code, instructions, and requirements are consistent with a purely descriptive capital-expenditure planning helper and do not request unrelated credentials or external access.
Guidance: This skill appears coherent and descriptive. Before installing or running it: (1) note that it contains an executable handler.py; run tests in an isolated/sandbox environment if you want to execute it locally; (2) no network calls or secret/env access are present, so it does not appear to exfiltrate data; (3) review the handler.py quickly for any changes before trusting it in a sensitive environment (the file contains some dead/placeholder logic comparing static skill names, which is harmless but sloppy); (4) avoid supplying any sensitive credentials as input. If you need higher assurance, run the provided tests in a disposable environment and inspect the code manually.

Review Dimensions

Purpose & Capability
ok · Name/description (capex planning) aligns with the files and logic. The handler implements input parsing, simple heuristics, recommendations, templates and a disclaimer: everything matches the stated purpose. No unrelated dependencies, binaries, or env vars are requested.
Instruction Scope
note · SKILL.md states 'No real code execution' and 'No external API calls'. The package does include an executable handler.py (which will run locally when invoked) but it only performs local parsing and JSON output and contains no network calls or filesystem access. This is likely acceptable but the SKILL.md wording could be clearer about local code execution vs. external execution.
Install Mechanism
ok · No install spec is provided and no downloads or installs occur. The presence of code files means the code would run when invoked, but nothing in the package pulls remote artifacts or writes to disk beyond normal execution.
Credentials
ok · The skill requests no environment variables, credentials, or config paths. The handler only uses standard library modules (json, sys, re) and inspects the provided user input; there is no indication of exfiltration or secret access.
Persistence & Privilege
ok · The skill is not always-enabled and does not request persistent privileged presence. It does not modify other skill configurations or system-wide settings.