Skill v1.0.0
ClawScan security
recipe-finder · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 19, 2026, 9:20 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill is internally consistent: it queries TheMealDB public API, needs no credentials or installs, and its instructions stay within the stated recipe-finding purpose.
- Guidance: This skill appears safe and coherent: it simply calls TheMealDB's public API and needs no secrets or installs. Before enabling, note that web_fetch will send users' queries to TheMealDB (so queries are transmitted to a third party), TheMealDB has limited/uneven metadata (dietary tags like gluten-free may be unreliable), and you may want to handle rate-limiting/caching if you expect frequent use. If you need strict dietary filtering or an offline/local dataset, this skill alone may not be sufficient.
Review Dimensions
- Purpose & Capability (ok): Name and description match the runtime instructions: the SKILL.md only uses TheMealDB public endpoints (search/filter/lookup) and does not request unrelated binaries, credentials, or host access.
- Instruction Scope (note): Instructions are narrowly scoped to parsing user recipe requests and calling TheMealDB via web_fetch. Minor caveat: the SKILL.md suggests handling dietary restrictions (e.g., 'gluten-free'), but TheMealDB does not provide robust structured dietary tags; implementing this would require heuristic filtering or external data and may produce inaccurate results.
- Install Mechanism (ok): Instruction-only skill with no install spec or code files — nothing is written to disk or fetched during install.
- Credentials (ok): No environment variables, credentials, or config paths are requested. The only external interaction is network calls to TheMealDB (public API), which is appropriate for the stated purpose.
- Persistence & Privilege (ok): always is false and the skill does not request persistent or elevated privileges. It is user-invocable and may be called autonomously per platform default, which is expected behavior.
