Skill v1.0.0
ClawScan security
Competitor Watchtower · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 14, 2026, 12:26 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill is internally consistent: it only processes user-supplied competitor notes with local heuristics, asks for no credentials, installs nothing, and contains no network or file-exfiltration behavior.
- Guidance: This skill appears safe and coherent for its stated purpose. Before installing, review (a) that you will only provide non-sensitive competitor notes (do not paste secrets or internal credentials), and (b) any future updates to the skill for added network calls or credential requests. If you plan to use this in an automated agent workflow, remember the agent can call the skill autonomously by default — acceptable here given the skill's local-only behavior, but review logs/outputs in case sensitive business data is included in inputs.
Review Dimensions
- Purpose & Capability: ok. The name/description (competitor monitoring brief) matches the implementation: handler.py parses user input and produces a markdown brief. There are no unexpected requirements (no cloud credentials, no scraping tools, no unrelated binaries).
- Instruction Scope: ok. SKILL.md explicitly states it does not perform live scraping and relies on user-supplied notes. The runtime code adheres to that: all logic is local text matching and rendering; no instructions reference reading arbitrary system files, environment secrets, or contacting external endpoints.
- Install Mechanism: ok. No install spec is provided (instruction-only install), and the included Python code does not download or execute remote artifacts. Nothing in the files writes or extracts archives from external URLs.
- Credentials: ok. The skill declares no required environment variables, no primary credential, and the code does not access os.environ or other secret/config paths. Tests briefly manipulate sys.path for import convenience (expected in local tests) but do not expose credentials.
- Persistence & Privilege: ok. always is false and the skill does not modify other skills or agent configs. disable-model-invocation is false (normal platform default) but combined with the skill's limited scope presents low risk.
