Skill v1.0.0

ClawScan security

Domain Registration · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 5, 2026, 11:26 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's requirements and instructions are coherent with a domain registration workflow — it is instruction-only, uses expected CLI tools, and stores operational state under ~/domain-registration/ — but you should be aware it will create local files and expects you to provide registrar API credentials at runtime (it does not declare or store them).
Guidance
This skill appears to be what it says: a set of playbooks and checklists for registrar APIs and dashboard flows that will create a ~/domain-registration/ directory to store operational notes and logs. Before installing or using it:
1) Decide where you will keep registrar API credentials; do not store them in the memory files the skill creates.
2) Be prepared to approve any billing action manually; the skill's instructions are ask-first for purchases and transfers.
3) Back up the current DNS and WHOIS state before allowing the skill to make changes.
4) If you plan to let the agent use provider APIs, supply credentials through a secure secret manager or a runtime prompt rather than writing secrets into the skill's files.
Overall the package is coherent and low-risk to install, but treat API keys and payment/billing steps carefully.

Review Dimensions

Purpose & Capability
ok
The name and description match the requested capabilities. The required binaries (curl, jq, dig, whois) are appropriate for registrar API calls, JSON parsing, DNS checks, and WHOIS lookups. Provider coverage and playbooks align with the stated purpose. One minor mismatch: example CLI snippets reference placeholders such as ${PROVIDER_TOKEN} and ${PROVIDER_API} even though the skill declares no required environment variables; these appear to be placeholders for runtime-supplied credentials rather than unexpected requests for secrets.
Instruction Scope
ok
SKILL.md and the included playbooks limit actions to provider API/dashboard interactions, DNS validation, and local audit files in ~/domain-registration/. The instructions explicitly gate billing/ownership writes behind user confirmation and instruct the agent not to store raw credentials in memory files. There are no instructions to read unrelated system files or exfiltrate data to unknown endpoints. Note: the skill includes curl examples that assume provider tokens/URLs will be supplied at runtime; ensure those tokens are provided securely and not written into the skill's memory files.
Install Mechanism
ok
Instruction-only skill with no install spec and no remote downloads; nothing is written by an installer and no external packages are pulled. Low risk from an installation standpoint.
Credentials
note
The skill declares no required environment variables or primary credential, but the documentation clearly expects provider API credentials (API keys, tokens, IAM roles) for many actions. This is not necessarily malicious: the skill appears to expect credentials to be supplied interactively or through the user's normal credential management, but it does not declare or manage those secrets itself. Confirm how and where you will provide API keys (environment, secret manager, or manual dashboard use) and, as the docs advise, avoid storing raw tokens in the ~/domain-registration/ files.
Persistence & Privilege
ok
The skill is not always-enabled, can be invoked by the user, and is allowed autonomous invocation (platform default). It writes operational state under a dedicated ~/domain-registration/ directory, which is appropriate for its function. It does not request system-wide privileges or modify other skills. There is no indication of excessive persistence requirements.
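The Guidance section asks the user to snapshot DNS/WHOIS state before the agent changes anything, and the Credentials note asks that raw tokens never end up in the ~/domain-registration/ files. The script below is an added example of both checks; it is not part of the ClawHub report or of the skill's own playbooks. The snapshot directory name, the list of record types, the token regex, and the two sample notes are assumptions made for illustration; the notes are constructed sample data, not real credentials.

```shell
#!/bin/sh
# Added example, not from the ClawHub scan or the Domain Registration skill.
#   snapshot_records  - save dig answers and WHOIS output for a domain before
#                       the agent is allowed to change anything (needs network,
#                       so it is defined but not run in the demo below)
#   scan_for_secrets  - count files under the skill's memory directory that
#                       contain something shaped like a registrar API token
# Assumed for illustration: the snapshot path, record types and regex below.

set -u

# Write answers for the record types a registrar change usually touches, then
# raw WHOIS output, to a timestamped file. Prints the file path.
snapshot_records() {
    domain=$1
    outdir=${2:-"$HOME/domain-registration/snapshots"}
    mkdir -p "$outdir"
    out="$outdir/$domain-$(date +%Y%m%dT%H%M%S).txt"
    : > "$out"
    for rtype in NS SOA A AAAA MX TXT CAA; do
        printf '### %s %s\n' "$domain" "$rtype" >> "$out"
        dig +noall +answer "$domain" "$rtype" >> "$out" 2>&1
    done
    printf '### WHOIS %s\n' "$domain" >> "$out"
    whois "$domain" >> "$out" 2>&1
    printf '%s\n' "$out"
}

# Print how many files under $1 contain a Bearer/Basic Authorization header or
# an api_key/token/secret assignment with a long literal value. Unexpanded
# placeholders such as ${PROVIDER_TOKEN} do not match: the literal must be 20+
# characters from [A-Za-z0-9._~+/=-], and '$' and '{' are outside that class.
scan_for_secrets() {
    scan_dir=$1
    pattern='Authorization:[[:space:]]*(Bearer|Basic)[[:space:]]+[A-Za-z0-9._~+/=-]{16,}|(api[_-]?key|token|secret)[[:space:]]*[:=][[:space:]]*[[:punct:]]?[A-Za-z0-9._~+/=-]{20,}'
    grep -rEil "$pattern" "$scan_dir" 2>/dev/null | wc -l | tr -d ' '
}

# Build a temporary memory directory with constructed sample notes:
#   clean/  keeps the runtime placeholder, as the skill's docs require
#   leaky/  has a pasted bearer token (fake value) in a saved curl line
# Prints the directory path; the caller removes it.
make_demo_notes() {
    demo=$(mktemp -d)
    mkdir -p "$demo/clean" "$demo/leaky"
    cat > "$demo/clean/2026-03-05-registrar.md" <<'EOF'
Checked NS and CAA for example.com; auth supplied at runtime via ${PROVIDER_TOKEN}.
EOF
    cat > "$demo/leaky/2026-03-06-api-call.md" <<'EOF'
curl -H 'Authorization: Bearer prov_0123456789abcdefghijklmnopqrstuv' "${PROVIDER_API}/domains"
EOF
    printf '%s\n' "$demo"
}

# Demo: scan the constructed notes and refuse to proceed if anything leaked.
notes=$(make_demo_notes)
leaked=$(scan_for_secrets "$notes")
printf 'files with token-like content: %s\n' "$leaked"
if [ "$leaked" -ne 0 ]; then
    printf 'refusing to continue until %s is cleaned\n' "$notes"
fi
rm -rf "$notes"
```

In practice point scan_for_secrets at ~/domain-registration/ before each session and after any run in which the agent called a provider API; tune the regex to your registrar's token format (prefix, length, alphabet) so that real tokens match and documentation placeholders do not.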