Skill v1.0.1

ClawScan security

swagger-skills · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 30, 2026, 2:13 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's code, instructions, and requirements match its stated purpose (generating API-calling skills from Swagger/OpenAPI docs); it auto-installs standard Python packages and writes generated client files to disk, which is coherent with its function.
Guidance
This tool appears to be what it says: a local generator that fetches Swagger/OpenAPI docs and writes Python client files. Before running: (1) review and edit config/sources.json to ensure you only point it at trusted documentation endpoints; (2) run it inside a Python virtual environment (or container) to avoid pip installing into your global interpreter; (3) be aware it will perform network requests to the specified URLs and write files to sibling directories; (4) if you must fetch protected docs, store only documentation-level credentials in config/sources.json and avoid putting sensitive business credentials into config files. If you want extra assurance, inspect scripts/build_swagger_skill.py and generated output before using any generated client in production.

Review Dimensions

Purpose & Capability
ok · Name/description (generate API calling skills from Swagger/OpenAPI) align with included scripts and files: build_swagger_skill.py discovers specs and writes Python client files and reference docs. No unrelated credentials, binaries, or external services are requested.
Instruction Scope
note · SKILL.md instructs the user to populate config/sources.json with Swagger UI/spec URLs and run the build script. The script fetches arbitrary URLs (the provided Swagger docs), parses specs, and writes generated skill directories to a sibling output location; this is expected but means the tool will perform network requests and write files to disk. It also references config/sources.json for doc auth (Basic auth), which is reasonable for protected docs.
Install Mechanism
note · There is no platform install spec, but the code auto-installs Python dependencies via pip (subprocess.check_call). requirements.txt only lists requests and PyYAML. Auto-installing packages is coherent for a Python generator but carries the usual risk of modifying the user's Python environment; the packages come from PyPI and are expected for the tool's function.
Credentials
ok · The skill does not request environment variables, secrets, or config paths beyond its local config/sources.json and config/domains.json. The only credential-like data is an optional doc_auth entry (username/password) used solely to fetch protected documentation, which the README warns about. The scripts do not access unrelated system credentials.
Persistence & Privilege
ok · The skill is not always-enabled and does not attempt to modify other skills or global agent settings. It writes generated skill files to disk (sibling directories) as part of its purpose, which is normal for a generator.