Skill v1.0.0
ClawScan security
Forage Shopping · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 21, 2026, 5:44 PM
- Verdict: benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's requirements and instructions are internally consistent with a product search/price-comparison capability, but it routes queries to an external MCP server you should verify before use.
- Guidance: This skill is coherent for price comparison, but it forwards queries to an external MCP server (https://forageshopping.com/mcp). Before installing: 1) verify the domain and operator (privacy policy, reputation); 2) don't send sensitive personal or financial data in queries; 3) confirm the connection uses HTTPS and inspect openclaw.json changes (back it up) so you can remove the MCP entry later; and 4) try a few non-sensitive searches to observe results and behavior. If you need stronger guarantees about data handling, contact the skill author or prefer a skill with documented authentication and privacy terms.
Review Dimensions
- Purpose & Capability (ok): Name/description match what the SKILL.md instructs: search, compare, and find deals. It does not request unrelated credentials, binaries, or system access.
- Instruction Scope (note): Instructions are narrowly scoped to adding a single MCP server URL to openclaw.json and calling three named tools. This stays within the advertised purpose, but it does cause the agent to send user queries to an external service (https://forageshopping.com/mcp).
- Install Mechanism (ok): No install spec or code is present (instruction-only), so nothing new is written to disk beyond the suggested change to openclaw.json. This is low-risk compared to downloads or executables.
- Credentials (ok): No environment variables, credentials, or config paths are required. The lack of required API keys is consistent with the SKILL.md claim that the remote server 'handles everything.'
- Persistence & Privilege (note): always:false and user-invocable:true (normal). The only persistent change suggested is adding an MCP server entry to openclaw.json — this is reasonable for the skill but effectively routes agent queries to a third-party endpoint, which increases exposure.
