SSL
ReviewAudited by ClawScan on May 1, 2026.
Overview
This instruction-only SSL skill is coherent and purpose-aligned, but its examples include admin certificate commands, private-key handling, and scheduled renewal that users should run carefully.
Use this skill as SSL administration guidance. Before running commands, verify the target domain, server, file paths, and permissions; avoid exposing private keys; and review any cron or renewal automation before enabling it.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If run against the wrong server or domain, certificate setup or renewal could fail or affect a live site.
This is a purpose-aligned certificate issuance command, but on a real server it can write certificate material and interact with web server configuration.
certbot certonly --nginx -d example.com -d www.example.com
Run these commands only on systems and domains you control, and review changes before applying them to production.
Exposure of a private key could let someone impersonate the HTTPS site until the certificate is revoked or replaced.
The skill documents extracting a TLS private key, which is expected for certificate management but creates credential-like secret material on disk.
openssl pkcs12 -in cert.pfx -nocerts -out privkey.pem
Do not paste, upload, or share private keys; keep key files restricted and rotate/revoke certificates if a key may have been exposed.
A scheduled renewal task will keep running periodically and may affect certificate files or service reload behavior.
The skill recommends a scheduled cron renewal job, which is normal for Let's Encrypt but is persistent behavior that continues after setup.
0 0 * * * certbot renew --quiet
Confirm the renewal schedule, logging, and service reload behavior before enabling it, especially on production systems.