Breweries
PassAudited by ClawScan on May 1, 2026.
Overview
This brewery lookup skill appears benign and purpose-aligned, but its README points to external executable scripts that are not included in the reviewed package.
This skill’s documented behavior is limited to looking up brewery information from a public API and does not require authentication. Before installing via the README’s GitHub clone instructions, review the downloaded executable scripts because they were not included in the submitted package.
Findings (1)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If you install using the README instructions, you would be trusting executable code from GitHub that was not included in this artifact review.
The README instructs users to clone and make executable scripts from an external repository, while the submitted artifact set contains only README.md and SKILL.md. This is a provenance/completeness note, not a behavioral concern, because the documented purpose is low-impact and no suspicious script behavior is shown in the reviewed artifacts.
git clone https://github.com/jeffaf/breweries-skill.git ~/clawd/skills/breweries chmod +x ~/clawd/skills/breweries/breweries chmod +x ~/clawd/skills/breweries/scripts/breweries
Inspect the cloned scripts before running them, or use a packaged version that includes the executable files for review.