Skillv0.1.0

ClawScan security

SAPCONET SSH Bridge · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignFeb 26, 2026, 8:07 PM

Verdict: Benign
Confidence: medium
Model: gpt-5-mini
Summary: The skill is an instruction-only SSH command template that behaves consistently with its stated purpose, but it includes a hard-coded default target IP/user and fails to declare the SAPCONET_TARGET env var — inspect and replace the default target and confirm trust before use.
Guidance: This skill is basically two SSH wrapper scripts and is coherent with its stated purpose, but before installing or running it you should: 1) manually inspect both scripts (they contain placeholders that become remote commands); 2) replace the default SAPCONET_TARGET (neill@100.110.24.44) with a host you control/trust; 3) ensure your SSH keys/agent are configured rather than entering credentials inline; 4) avoid allowing the agent to autonomously execute these scripts against external hosts unless you explicitly trust the target; and 5) ask the publisher for provenance (source/homepage) if you need accountability — the registry metadata lists no homepage and an unknown owner.

Review Dimensions

Purpose & Capability: noteThe name/description say the skill standardizes SSH command patterns for bird reads, Puppeteer checks, and inbox messaging; the included scripts only use SSH to run placeholder commands on a remote host, which is coherent with the stated purpose. Minor mismatch: the metadata lists no required env vars, but the scripts rely on SAPCONET_TARGET (with a default neill@100.110.24.44).
Instruction Scope: noteSKILL.md and scripts confine activity to SSH calls to the target host; there are no other network calls or local file reads. However, remote commands executed over SSH can run arbitrary work on the target host (the scripts currently contain placeholders). The SKILL.md warning to review remote placeholders is appropriate; users should verify remote commands before running.
Install Mechanism: okNo install spec (instruction-only) and only two bash scripts are included. Nothing will be downloaded or written by an installer — low install risk.
Credentials: noteThe skill requests no declared credentials or env vars in the registry metadata, but runtime instructions and scripts require SAPCONET_TARGET (and in practice system SSH keys/agent or password access). This is proportionate to an SSH template but should be declared explicitly; the hard-coded default target IP/user is an unexplained element that the user must replace.
Persistence & Privilege: okalways is false, the skill does not request persistent or elevated platform privileges, and it does not modify other skills or global configuration.