Skill v1.3.0

ClawScan security

Skill Guard · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign (Mar 16, 2026, 10:16 AM)
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill is internally consistent with a local static code scanner: it only requires python3, includes a simple file-scanning implementation, and does not request external credentials or perform network calls.
Guidance
This appears to be a straightforward local static scanner that looks for suspicious tokens in files. Before using: (1) note that the SKILL.md and code are slightly out of sync (inspect_remote is documented but not implemented); (2) run the scanner only on the directories you intend — it will read file contents in the path you give it (don’t point it at your entire home or root unless you want those files examined); (3) expect false positives and false negatives — this is a heuristic pattern matcher, not a full taint-analysis engine; (4) because it’s local and includes no networking, it won’t exfiltrate data by itself, but always review the scanner’s source yourself if you plan to rely on its results. If you want remote inspection functionality, ask the author for an updated implementation or documentation.

Review Dimensions

Purpose & Capability
ok: Name/description match the included code: the Python module implements a pattern-based static scanner that walks a given path and searches files for suspicious tokens. Required binary (python3) is appropriate and proportional.
Instruction Scope
note: The SKILL.md usage shows an inspect_remote function and a RISK_PATTERNS dict that are not present in the code (the code provides scan() and check(), and RISK_PATTERNS is a list of tuples). The runtime instructions otherwise only ask you to run the scanner locally; the scanner only reads files under the provided path and does not transmit data externally.
Install Mechanism
ok: There is no install spec that downloads external code; the repository is instruction-only with an included Python file. Nothing in the bundle writes or installs arbitrary binaries from remote URLs.
Credentials
note: The skill requests no environment variables or credentials. However, when you point the scanner at a directory it will read files there — so do not scan sensitive system or home directories unless intended (e.g., scanning /home/user can read files like .aws/credentials if present). This is expected for a local scanner but worth remembering.
Persistence & Privilege
ok: The skill does not request persistent privileges, does not set always:true, and does not modify other skills or system-wide configuration. It only reads files within the supplied path.