Skill v0.2.1
ClawScan security
Skill Feed · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 9, 2026, 10:38 AM
- Verdict: Benign
- Confidence: high
- Model: gpt-5-mini
- Summary: Skill Feed's instructions, requirements, and behavior are coherent with a skill-discovery/recommendation purpose and do not request disproportionate privileges or secrets.
- Guidance: This skill appears internally consistent, but before installing: 1) confirm your agent runtime enforces the SKILL.md sanitization rules (prevent raw logs, env values, API keys, PII from being sent); 2) verify the agent only sends sanitized, generic queries to https://clawhub.ai and does not leak internal URLs or tokens; 3) test the skill using synthetic failures (no real secrets) to validate outputs; 4) ensure the skill will not auto-execute external high-risk remediation steps without explicit user confirmation. If you need stronger guarantees, ask the skill author to provide a deterministic sanitization routine and clearer limits on which logs/contexts the skill may read.
Review Dimensions
- Purpose & Capability: ok. The name/description (recommend skills to recover failed workflows) matches the instructions: classify failures, build sanitized queries, search ClawHub, rank candidates, and return recovery steps. No unrelated env vars, binaries, or install steps are requested.
- Instruction Scope: note. Instructions stay within the stated purpose (capture failure context, sanitize, construct queries, call ClawHub search, rank results). However, sanitization is delegated to the agent and the SKILL.md does not define precise sanitization implementation or explicit limits on which runtime sources to read — e.g., it says "latest action log summary" but doesn't restrict reading broader logs or environment variables. The effectiveness of data protection depends on the agent enforcing the sanitization rules.
- Install Mechanism: ok. Instruction-only skill with no install spec or downloaded code — lowest risk. The skill expects to perform live web searches (https://clawhub.ai/skills?focus=search) at runtime, which is appropriate for its function.
- Credentials: ok. The skill requests no environment variables, credentials, or config paths. It uses generic network access to query ClawHub, which is proportionate to its purpose.
- Persistence & Privilege: ok. No elevated persistence requested (always: false). The skill does not request or document modifying other skills or system-wide settings.
