Skill v1.0.0
ClawScan security
Price Monitor FR · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 11, 2026, 7:08 AM
- Verdict
- benign
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The skill's code and instructions match a price-monitoring tool that fetches product pages and stores a local JSON history. Nothing requested or installed is disproportionate to that purpose, but the packaged script was truncated in the provided artifact, so review the full file before installing.
- Guidance
- This appears to be a straightforward price-monitoring script: it fetches product pages (HTTP GET), parses prices, and stores products, history, and alerts under ~/.price-monitor. Before installing, review the full scripts/monitor.py file (the provided preview was truncated) to confirm there are no outgoing webhooks, remote logging, or credential-leaking code. Consider running it in a restricted environment or sandbox if you are concerned about the tool fetching arbitrary URLs: a product URL can point at a loopback, private-range, or link-local address (for example a cloud metadata endpoint), and urlopen follows redirects on its own. If you don't want the model to call the skill autonomously, disable model invocation or require explicit user approval before running it.
Review Dimensions
- Purpose & Capability
- ok · The name/SKILL.md and the included Python script implement a price-monitoring tool (fetch product pages, extract prices, persist products/history/alerts under ~/.price-monitor). No unrelated credentials, binaries, or installs are requested.
- Instruction Scope
- note · Runtime instructions tell the agent to run the included Python script, which downloads HTML from user-supplied product URLs and writes JSON files under the user's home directory. This is expected for a price monitor, but the script performs an HTTP GET on whatever URL it is given, which could reach internal services if misused. The script in the archive preview was also truncated; the remainder should be checked for any unexpected network or exfiltration steps.
- Install Mechanism
- ok · No install spec is present (instruction-only skill) and the code claims to use only the Python stdlib. No remote downloads or package installs are declared.
- Credentials
- ok · The skill requests no environment variables and no credentials, and stores data locally under ~/.price-monitor. No disproportionate or unexplained secret access is requested.
- Persistence & Privilege
- note · The skill does not set always:true, but disable-model-invocation is not set either, and the default allows the model to invoke it. The model could therefore trigger network fetches and local file writes on its own. That is expected for this kind of tool, but worth noting if you want to restrict autonomous network access.
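The Instruction Scope note says the script will GET whatever URL it is handed, so a request can land on loopback, private-range, or link-local addresses. Below is an added example of the destination check a hardened version of such a fetch would apply; it is not code from the Price Monitor skill. Because a price monitor must reach arbitrary shops, the check is not a shop allowlist but a refusal to fetch anything that is not a public web address, re-applied on every redirect hop since urlopen follows 3xx automatically. The resolver is injectable so the check runs offline; FAKE_DNS, the host names in it, and fake_resolve are constructed for the demonstration.

```python
"""Destination check for user-supplied product URLs.

Added example, not code from the Price Monitor skill. Accepts only http(s)
URLs without embedded credentials whose host resolves exclusively to
globally routable addresses (no loopback, RFC 1918, link-local/metadata,
ULA or v4-mapped ranges), and re-checks each redirect target.
"""
import ipaddress
import socket
import urllib.error
import urllib.request
from urllib.parse import urlsplit


def _resolve(host):
    """Default resolver: every address the OS returns for host."""
    return [info[4][0] for info in socket.getaddrinfo(host, None)]


def check_product_url(url, resolve=_resolve):
    """Return (ok, reason); ok is True only for a public http(s) URL."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        return False, f"scheme {parts.scheme!r} not allowed"
    if parts.username or parts.password:
        return False, "credentials embedded in URL"
    host = parts.hostname
    if not host:
        return False, "no host in URL"
    try:
        addrs = resolve(host)
    except OSError as exc:  # socket.gaierror is an OSError
        return False, f"resolution failed: {exc}"
    if not addrs:
        return False, f"{host} resolves to nothing"
    for addr in addrs:  # every record must be public, not just the first
        ip = ipaddress.ip_address(addr)
        # Unwrap ::ffff:a.b.c.d so v4-mapped literals get the IPv4 rules.
        ip = getattr(ip, "ipv4_mapped", None) or ip
        # is_global is False for loopback, private, link-local, ULA,
        # unspecified and reserved ranges.
        if not ip.is_global:
            return False, f"{host} resolves to non-public address {addr}"
    return True, "ok"


class CheckedRedirectHandler(urllib.request.HTTPRedirectHandler):
    """Run check_product_url on every redirect target before following it."""

    def redirect_request(self, req, fp, code, msg, headers, newurl):
        ok, reason = check_product_url(newurl)
        if not ok:
            raise urllib.error.HTTPError(newurl, code, f"redirect refused: {reason}", headers, fp)
        return super().redirect_request(req, fp, code, msg, headers, newurl)


def fetch_product_page(url, timeout=10):
    """Fetch url only if it, and every redirect hop, passes the check."""
    ok, reason = check_product_url(url)
    if not ok:
        raise ValueError(f"refusing to fetch {url}: {reason}")
    opener = urllib.request.build_opener(CheckedRedirectHandler())
    with opener.open(url, timeout=timeout) as resp:
        return resp.read()


# Constructed DNS table for offline use: a plain shop, a name with both a
# public and a private record, and a name pointing at the metadata address.
FAKE_DNS = {
    "shop.example": ["93.184.216.34"],
    "dual.example": ["93.184.216.34", "10.0.0.5"],
    "meta.example": ["169.254.169.254"],
    "localhost": ["127.0.0.1", "::1"],
}


def fake_resolve(host):
    """Offline resolver: IP literals pass through, names use FAKE_DNS."""
    try:
        return [str(ipaddress.ip_address(host))]
    except ValueError:
        pass
    if host not in FAKE_DNS:
        raise socket.gaierror(f"unknown host {host}")
    return FAKE_DNS[host]


if __name__ == "__main__":
    for u in ("https://shop.example/item/42", "http://dual.example/item/42",
              "http://meta.example/latest/meta-data/", "http://localhost:8080/admin",
              "http://[::ffff:127.0.0.1]/", "file:///etc/passwd"):
        print(f"{u:<40} -> {check_product_url(u, fake_resolve)}")
```

Two caveats a reviewer should keep in mind. First, check-then-fetch leaves a window: urlopen resolves the name again when it connects, so a name that flips between a public and a private record (DNS rebinding) can pass the check and still hit the internal address; closing that gap means connecting to the vetted IP directly with the Host header set, which this snippet does not do. Second, refusing non-global addresses also refuses legitimate intranet shops; if the monitor is meant to watch internal pages, allowlist those hosts explicitly rather than loosening the check.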
