Skill v1.2.0
ClawScan security
A2a · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 16, 2026, 10:16 AM
- Verdict
- Benign
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The skill implements a simple WebSocket-based agent discovery/invocation library that matches its description; it asks for no secrets and has no installer, but it has minor engineering issues and requires care when connecting to arbitrary endpoints.
- Guidance
- This skill appears to do what it claims: it provides a small WebSocket-based client/server/registry for calling other agents and does not request secrets. Before installing:
  - Understand that it will open outbound WebSocket connections to endpoints you supply; do not point it at untrusted servers because messages could include sensitive data.
  - Ensure the Python 'websockets' package is available in the runtime environment (SKILL.md does not declare this dependency). Without it, the client will fail.
  - Note minor code issues (e.g., a likely typo/bug in Server.__init__); the implementation is lightweight but not hardened. If you plan to use it in production, review and patch input validation and error handling, use secure wss:// endpoints, and add authentication/authorization between agents.
  - If you need guarantees about data handling or access controls, require those features (TLS, auth tokens, allowed endpoint list) before using this skill in sensitive contexts.
Review Dimensions
- Purpose & Capability
- ok: Name/description (agent interconnect, discover/invoke agents) align with the code and SKILL.md. The code provides Registry, Server, and Client for calling agents over WebSockets, which is expected for this purpose. Requiring python3 only is reasonable.
- Instruction Scope
- ok: SKILL.md only documents how to register actions, call agents, and discover capabilities. It does not ask the agent to read unrelated files or credentials. The runtime behavior (opening WebSocket connections and sending messages) is consistent with the described function.
- Install Mechanism
- note: No install spec (instruction-only): low risk. However, the Python code imports the third-party 'websockets' package inside Client methods, but the SKILL.md and manifest do not declare this dependency; the runtime will fail unless 'websockets' is available. No external downloads or unusual installers are used.
- Credentials
- ok: The skill requests no environment variables, credentials, or config paths. This is proportionate to a networked inter-agent library. There are no hidden env accesses in the code or SKILL.md.
- Persistence & Privilege
- ok: 'always' is false and the skill does not request special privileges or modify other skills. It does initiate outbound network connections (WebSockets), which is normal for inter-agent communication but increases operational exposure and should be controlled by policy.
