Skill v1.0.0
ClawScan security
Vinted · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 12, 2026, 3:11 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill is an instruction-only Vinted marketplace assistant that stores local notes under ~/vinted/, requests no credentials or installs, and its requirements and instructions are coherent with its stated purpose.
- Guidance: This skill appears consistent with its stated purpose, but before enabling it: (1) confirm you consent to local persistence and inspect the ~/vinted/ files it creates (they may contain shipment/proof details or personal info); (2) do not provide platform login credentials to the skill; it expects you to operate inside Vinted.com; (3) if you prefer no local storage, decline persistence so the skill runs statelessly; and (4) verify any network activity only goes to legitimate Vinted domains listed in the skill before approving external calls.
Review Dimensions
- Purpose & Capability: ok. Name/description (buying/reselling on Vinted) aligns with requested artifacts: local memory at ~/vinted/ for listings, logs, and workflows; no unrelated binaries, cloud creds, or surprising privileges are requested.
- Instruction Scope: ok. SKILL.md and auxiliary docs confine actions to marketplace workflows and local file creation under ~/vinted/; setup.md explicitly says to ask permission before persisting data, and there are no instructions to read unrelated system files or secrets.
- Install Mechanism: ok. No install spec or third-party downloads: an instruction-only skill with no code written to disk by an installer, which is the lowest-risk install model.
- Credentials: ok. The skill requests no environment variables or external credentials; the single declared config path (~/vinted/) is proportionate for storing marketplace memory, proofs, and logs.
- Persistence & Privilege: ok. Persistence is limited to a user-owned ~/vinted/ directory and the skill explicitly asks for consent before saving; always:false and normal autonomous invocation policy are used, so no excessive permanent presence is requested.
