Skill v1.0.0
ClawScan security
AgentPin · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 15, 2026, 6:57 AM
- Verdict: Benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's instructions, requirements, and scope are internally consistent with a developer guide for a cryptographic agent-identity library; it does not request unexpected credentials or install arbitrary code itself.
- Guidance: This is a coherent developer guide for a cryptographic identity protocol; it appears benign. Before using it, review the upstream code and package distribution (GitHub, PyPI, npm) to ensure you trust the publisher and verify package integrity/signatures. Keep private keys secure (do not share them), and when running server or discovery endpoints consider exposure and caching policies. If you want higher assurance, request the actual source code or a repository link from the skill author and verify release artifacts (checksums/signatures) rather than blindly installing packages named in examples.
Review Dimensions
- Purpose & Capability (ok): The name/description (domain-anchored agent identity, ES256 JWTs, TOFU pinning, revocation, delegation) matches the SKILL.md content: key generation, JWT issuance/verification, discovery, pinning, and serving .well-known endpoints. Nothing requested (no env vars, no special binaries) is disproportionate to this purpose.
- Instruction Scope (ok): SKILL.md is a development/user guide showing how to generate keys, issue and verify credentials, run the CLI/server, and use SDKs. It does not instruct the agent to read unrelated system files or to exfiltrate data; network operations (fetching .well-known, pip/npm installs) are expected for this functionality and are documented as examples.
- Install Mechanism (ok): There is no install spec in the skill bundle (instruction-only). The document references obtaining code via cargo/npm/pip or GitHub links, which is normal for a developer guide. The skill itself does not include or automatically download archives or binaries.
- Credentials (ok): The skill declares no required environment variables, credentials, or config paths. The operations described (keypair generation, signing, verification, serving discovery endpoints) legitimately require private keys and network access, but those artifacts are under the user's control and are not requested by the skill.
- Persistence & Privilege (ok): The skill is not always-enabled and does not request elevated persistence or modifications to other skills or system-wide agent settings. It is an invocation-only developer guide and does not claim or require permanent presence.
