Back to skill
Skillv1.0.0
ClawScan security
Influencer Partnership Scout · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignApr 13, 2026, 10:06 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's code and instructions match its stated purpose: heuristic influencer shortlist and outreach templates with no external access or unexpected privileges.
- Guidance
- This skill is a heuristic/template generator (no real social platform API calls). Before using, avoid pasting sensitive credentials or private contact lists into prompts; manually validate any shortlisted creators, pricing, and legal/brand-safety concerns before outreach. Be aware the agent platform may allow autonomous invocation by default — if you want to prevent background/autonomous runs, disable model-driven invocation in your agent settings.
Review Dimensions
- Purpose & Capability
- okName, description, SKILL.md, and handler.py are consistent: the skill creates heuristic shortlist frameworks and outreach briefs. It does not request unrelated credentials, binaries, or config paths.
- Instruction Scope
- okSKILL.md and handler.py operate entirely on provided user input and produce markdown output. There are no instructions to read system files, access external endpoints, or collect unrelated environment data.
- Install Mechanism
- okNo install spec is provided (instruction-only plus a small local handler). No downloads, package installs, or archive extraction are present.
- Credentials
- okThe skill declares no required env vars or credentials and the code does not reference environment variables or secrets. Requested access is proportional to the stated functionality.
- Persistence & Privilege
- okalways is false, there is no persistent/system-wide configuration or modification, and the skill does not attempt to store or modify other skills or agent settings.