Skill v1.0.0

ClawScan security

Skill Vetter 1.0.0 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 25, 2026, 12:56 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
An instruction-only vetting checklist whose requirements and runtime instructions align with its stated purpose and which does not request extra privileges or install code.
Guidance
This skill is an instruction-only vetting checklist and appears internally consistent and low-risk. Before relying on it: 1) recognize it expects the agent to fetch and read repo files (GitHub network access); confirm you’re comfortable allowing those reads in your environment; 2) treat its output as an aid, not a replacement for human review—it flags patterns but cannot guarantee absence of hidden behavior; and 3) if you use the quick commands, ensure the agent’s network permissions and credentials for GitHub (if any) are scoped appropriately. Install only if you accept outbound repo reads and the agent’s autonomy to run the described checks.

Review Dimensions

Purpose & Capability
ok
Name and description (skill vetting) match the content of SKILL.md: it's a checklist and actionable commands for reviewing skills. It requests no credentials, binaries, installs, or config paths—proportionate for a vetting tool.
Instruction Scope
note
SKILL.md instructs the agent to read all files in a candidate skill and to run network queries (GitHub API / raw content) when evaluating GitHub-hosted skills. This is coherent for vetting, but implies the agent will access remote repos and potentially arbitrary repository files — ensure network access and repository read access are acceptable in your environment and that the agent won’t automatically exfiltrate reviewed content.
Install Mechanism
ok
No install spec and no code files — lowest-risk model for disk persistence. Nothing will be downloaded or executed by an installer as part of this skill package.
Credentials
note
The skill declares no required environment variables or credentials, which is appropriate. However, the vetting steps assume outbound network access (to api.github.com and raw.githubusercontent.com) and the ability to read repository files; those are operational permissions rather than secret credentials and should be allowed only if acceptable to you.
Persistence & Privilege
ok
always is false and the skill does not request persistent system changes or modify other skills. Model invocation is allowed (default), which is normal for skills of this nature.