Skillv0.1.2

ClawScan security

Mobb Vulnerabilities Fixer · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignFeb 11, 2026, 9:16 AM

Verdict: benign
Confidence: medium
Model: gpt-5-mini
Summary: The skill's instructions and requirements are coherent with a tool that drives a local Mobb MCP/CLI to scan and apply fixes; there are a few small inconsistencies (mostly around how API keys are handled) but nothing that indicates malicious intent.
Guidance: This skill appears to do what it says: it drives your local Mobb MCP/CLI to scan a repository and apply fixes but expects you to (1) run and trust the MCP service/tool locally, (2) provide or configure a Mobb API key or complete the browser login flow yourself, and (3) review and explicitly approve any patches before they are applied. Before installing/invoking: ensure your local MCP binary/server is from a trusted source, be prepared to authenticate via the browser flow or set an API key locally (the skill's docs are slightly inconsistent about whether the agent should read env vars), and do not allow the skill to auto-apply fixes without your explicit consent. If you want greater assurance, ask the skill author to clarify which environment variables it reads, or require the agent to only accept credentials that you paste into the session at runtime rather than reading them from the environment automatically.

Review Dimensions

Purpose & Capability: okThe skill's name and description match the runtime instructions: it drives an existing Mobb MCP/CLI to scan a local repo and apply fixes. It expects MCP to be available and instructs the agent to call MCP APIs such as scan_and_fix_vulnerabilities and fetch_available_fixes, which is appropriate for the stated purpose. Minor gap: metadata declares no required binaries/env but the instructions assume an external MCP service/tool is present (the skill explicitly tells the agent not to install/launch MCP itself).
Instruction Scope: okSKILL.md stays within the scope of scanning and applying fixes: it requires an absolute repo path, uses pagination rules, asks for explicit user consent before applying patches, and instructs not to auto-rescan or auto-page. No instructions request broad system access or tell the agent to read unrelated files. Notable inconsistency: references/mobb-auth.md says 'Do not read or request environment variables directly' while SKILL.md says 'Prefer API_KEY in the environment' — this is a contradictory guidance about how the agent should obtain credentials and should be clarified.
Install Mechanism: okThis is an instruction-only skill with no install spec and no bundled code, which minimizes installation risk. The skill assumes MCP is locally available but explicitly forbids installing or launching it on the agent's behalf.
Credentials: noteDeclared requirements list no environment variables or credentials, but the instructions reference an API key (API_KEY or MOBB_API_KEY) and an optional API_URL/WEB_APP_URL for non-default tenants. This is reasonable for a client that interacts with a service, but the metadata could be clearer. The contradictory guidance about 'do not read env vars directly' vs. 'prefer API_KEY in the environment' should be resolved: the agent must not attempt to exfiltrate secrets and should only use creds the user explicitly provides or configures locally.
Persistence & Privilege: okThe skill is not always-included and does not request persistent system-wide privileges. It instructs the user to run their own MCP service and does not attempt to modify other skills or system settings.