Skill v1.0.1
ClawScan security
Agent Bounty Scanner · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 4, 2026, 1:38 AM
- Verdict: Benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, instructions, and requirements are internally consistent with its stated purpose: it invokes a local 'acp' CLI to fetch marketplace data, scores and ranks results, and does not request unrelated credentials or install arbitrary external code.
- Guidance: This skill appears coherent and straightforward, but it depends on a local 'acp' CLI: only install/use it if you trust the provider of the virtuals-protocol-acp skill and the 'acp' binary. The Python code runs that CLI as a subprocess and parses its JSON output — inspect or source-verify the 'acp' binary (or run in a sandbox) to ensure it won't exfiltrate data or perform unexpected network actions. If you plan to run this in production, confirm the ACP tool's origin and permissions and consider running it with least privilege.
Review Dimensions
- Purpose & Capability (ok): Name/description claim a bounty discovery/scoring tool and the included Python implementation + SKILL.md consistently implement that: they call an 'acp' CLI, parse JSON, score tasks, and require the 'virtuals-protocol-acp' skill. No unrelated services, binaries, or credentials are requested.
- Instruction Scope (ok): SKILL.md explicitly limits behavior to invoking the ACP CLI and scoring results. The runtime instructions and the Python code only run a subprocess (`acp browse <query> --json`), parse its JSON output, and compute scores; they do not read arbitrary files, access environment variables, or transmit data to external endpoints beyond whatever the local 'acp' binary does.
- Install Mechanism (ok): There is no install spec; this is effectively instruction-only plus a local Python file. Nothing in the package downloads or writes external archives or executes installers.
- Credentials (ok): The skill declares no required environment variables, credentials, or config paths. The only external dependency is a locally available 'acp' command (provided by the declared virtuals-protocol-acp skill), which is proportionate to the described purpose.
- Persistence & Privilege (ok): The skill is not forced-always, is user-invocable, and does not request elevated or persistent platform privileges. It does not modify other skills or system configurations.
