Skill v1.0.0
ClawScan security
Search Listing Optimizer · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 13, 2026, 3:09 PM
- Verdict: benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill is internally consistent with its stated purpose (heuristic listing audits) and asks for no credentials or installs; I found minor implementation bugs but no signs of exfiltration or unrelated privileges.
- Guidance: This skill appears to do what it says: a heuristic, text-only audit that generates a markdown optimization brief and does not ask for credentials or install anything. Before installing or enabling it widely: 1) review the full handler.py (the provided snippet was truncated) to confirm there are no hidden network calls, file writes, or subprocess invocations; 2) run the included tests in a sandbox to verify behavior and to confirm the exported handle() function and output formatting; 3) be aware of a minor correctness issue (platform name vs. weight-key casing) that may make many attributes fall back to generic weights; this affects the quality of the advice but not security. If you plan to allow autonomous invocation, note that while this skill has no special privileges, any autonomous skill can act without a user prompt; enable it only if you trust its behavior and output.
Review Dimensions
- Purpose & Capability
- note: The name and description (heuristic listing audits across marketplaces) match the code and SKILL.md: the implementation performs text-based heuristics and produces a markdown brief. No platform APIs, credentials, or unrelated system access are requested. Note: there is a minor mismatch between the ATTRIBUTE_WEIGHT keys (lowercased) and the detected platform names (capitalized, e.g. 'Amazon'), which will cause many weight lookups to fall back to the 'general' values; this is a correctness bug, not a security issue.
- Instruction Scope
- ok: SKILL.md limits the agent to using user-provided listing notes and states explicitly that it does not access live analytics or seller portals. The included handler code only processes provided text, applies heuristics, and renders a markdown brief. I saw no instructions to read system files, environment secrets, or to send data to external endpoints in the provided code snippet.
- Install Mechanism
- ok: No install spec is declared (instruction-only skill). The code files included are pure Python and do not invoke installers or pull remote archives; this is low risk from an install-mechanism perspective.
- Credentials
- ok: The skill declares no required environment variables, credentials, or config paths. The runtime instructions and the visible code do not access env vars or secrets. Required privileges appear proportionate to its stated purpose.
- Persistence & Privilege
- ok: always:false is declared, and no code paths that persist data or modify agent/system config are present in the reviewed snippet. The skill can be invoked autonomously (platform default), but that is expected and not excessive here.
