Skill v1.0.0

ClawScan security

Working Capital Optimizer · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious
Apr 19, 2026, 6:12 AM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill's code and tests are self-contained and match its working-capital purpose, but the SKILL.md and ACCEPTANCE.md explicitly state 'No code execution' while an executable handler.py is included — a potentially misleading mismatch worth reviewing before install.
Guidance
This skill appears to implement the claimed working-capital analysis and does not request credentials or network access, but the documentation's claim of 'No code execution' conflicts with the included handler.py that will run when the skill is invoked. If you plan to install it: 1) review handler.py yourself (it's short and readable) to confirm it only uses the provided input and standard libraries (no network, no file writes); 2) run it in a sandbox or isolated environment first if you want extra safety; 3) if you need absolute assurance that no code will execute, decline installation — a purely instruction-only skill (no handler file) would better match that promise. If you want to proceed but are unsure, ask the publisher to clarify why an executable handler is included despite the 'no code execution' statements.

Review Dimensions

Purpose & Capability
ok
Name, description, skill.json tags and the handler.py logic all align: this is a descriptive working-capital analysis skill that only parses user text and returns JSON recommendations. No unrelated binaries, APIs, or credentials are requested.
Instruction Scope
concern
SKILL.md repeatedly states 'No real code execution' and 'No external API calls', but the package includes an executable handler.py and tests that call it. The handler is self-contained (reads only the provided user input) and does not access files, env vars, or network, but the presence of runnable code contradicts the plain-language safety assurances — this could mislead non-technical reviewers.
Install Mechanism
ok
No install spec is provided (instruction-only style). There are code files included but nothing is downloaded or installed from external URLs. Risk from the install mechanism is low.
Credentials
ok
No required environment variables, credentials, or config paths are declared or referenced. handler.py only consumes supplied text input and uses standard library modules (json, sys, re).
Persistence & Privilege
ok
Skill flags are default (always:false, user-invocable:true, model invocation allowed). The skill does not request persistent or elevated privileges and does not modify other skills or system configs.