v1.0.0

ClawHub Publish

ReviewClawScan verdict for this skill. Analyzed May 1, 2026, 6:13 AM.

Analysis

This is a coherent ClawHub publishing helper, but it gives the agent authenticated public publishing and local file-rewrite authority without clear confirmation safeguards.

GuidanceUse this only if you want the agent to help publish skills to ClawHub. Before running it, verify the `clawhub` CLI source, confirm the logged-in account, remove or replace the hard-coded `jini92` and `C:\MAIBOT` assumptions, review any file diffs, and require explicit approval for each publish or batch item.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation

SeverityMediumConfidenceHighStatusConcern

SKILL.md

If Korean or personal info is found: ... Rewrite SKILL.md fully in English ... WriteAllText(...) ... clawhub publish ./skills/<skill-name> ... Batch Publish ... run steps 1–4 for each in sequence.

The workflow authorizes local skill-file rewrites and authenticated public publishing, including batch operation, but it does not require a final human confirmation or review immediately before those high-impact actions.

User impactAn agent following this skill could alter skill files and publish or update one or more public marketplace listings under the logged-in account if the wrong target is chosen.

RecommendationRequire the agent to show the file diff, target account, skill path, slug, version, and changelog, then ask for explicit confirmation before each publish; require an enumerated list and per-skill approval for batch publishing.

Agentic Supply Chain Vulnerabilities

SeverityLowConfidenceHighStatusNote

SKILL.md

clawhub CLI installed: `npm i -g clawhub`

The setup step installs a global npm package without a pinned version. This is purpose-aligned for a ClawHub publishing skill, but the package source and version should be verified.

User impactThe installed CLI becomes part of the trusted publishing path and can affect local and account state.

RecommendationInstall the CLI from the official source, consider pinning a known-good version, and verify the package before use.

Human-Agent Trust Exploitation

SeverityLowConfidenceHighStatusNote

SKILL.md

Then check: https://clawhub.ai/u/jini92

The verification step is hard-coded to a specific user profile, which makes the skill less generic and could confuse users who expect it to verify their own account.

User impactA user might check the wrong marketplace profile or assume the skill is configured for them when it is still tailored to the author’s environment.

RecommendationReplace hard-coded account/profile references with placeholders or derive the profile from the authenticated `clawhub whoami` result.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse

SeverityLowConfidenceHighStatusNote

SKILL.md

Logged in: `clawhub whoami` (if not: `clawhub login` via PTY + browser)

The skill relies on a logged-in ClawHub account to perform publishing. This is expected for the purpose, but users should notice that the registry metadata declares no primary credential.

User impactPublishing actions will use whichever ClawHub account is currently authenticated in the CLI.

RecommendationBefore publishing, confirm `clawhub whoami` shows the intended account and document the credential requirement in metadata.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning

SeverityLowConfidenceHighStatusNote

SKILL.md

After successful publish, update both: `C:\MAIBOT\memory\marketplace-strategy.md` ... Obsidian `_DASHBOARD.md`

The skill writes publish results into persistent local memory or note files. This is coherent recordkeeping, but those files may influence later agent context.

User impactIncorrect or unintended publish records could persist and be reused in future planning or automation.

RecommendationReview persistent record updates before saving them, and keep marketplace tracking files scoped to the intended workspace.