Back to skill
Skillv1.0.0
ClawScan security
OAuth · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMay 1, 2026, 5:30 AM
- Verdict
- Benign
- Confidence
- high
- Model
- gpt-5.5
- Summary
- This is an instruction-only OAuth security reference with no code, install steps, credentials, or system access requested.
- Guidance
- This skill appears safe as a reference guide. Users should still review any OAuth implementation code they create separately, especially token storage, redirect URI validation, scopes, and client secret handling.
Review Dimensions
- Purpose & Capability
- okThe content is coherent with the stated purpose of implementing OAuth 2.0 and OpenID Connect securely.
- Instruction Scope
- okThe instructions are security best-practice guidance and do not direct the agent to run commands, access accounts, collect secrets, or perform high-impact actions.
- Install Mechanism
- okThere is no install specification and no code files; the skill is instruction-only.
- Credentials
- okThe metadata declares no required binaries, environment variables, credentials, or configuration paths.
- Persistence & Privilege
- okThe artifacts show no persistence mechanism, background activity, privilege escalation, credential storage, or autonomous account access.