v1.0.3

Housing Scout — Smart House(Sale or Lease) Search & Alerts

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 6:17 AM.

Analysis

The skill is coherent for housing search and alerts, with disclosed use of a third-party fetch proxy, optional notification delivery, and local saved-search state that users should configure carefully.

GuidanceBefore installing, confirm you are comfortable running the bundled Node CLI, using the Jina third-party fetch proxy for public real-estate pages, and storing profiles/subscriptions under the skill data directory. Do not provide private/internal URLs, verify notification recipients, and periodically delete saved profiles, subscriptions, and caches you no longer need.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation

SeverityLowConfidenceHighStatusNote

SKILL.md

command-dispatch: tool
command-tool: exec

The skill intentionally exposes a local command-execution workflow through bundled Node commands. This is central to the housing-search purpose, but users should review generated commands before running them.

User impactThe assistant may run the skill's local CLI to create profiles, search listings, refresh caches, or manage subscriptions when the user asks.

RecommendationUse the documented commands only for intended housing-search tasks and review commands that include file paths, URLs, or subscription changes.

Agentic Supply Chain Vulnerabilities

SeverityInfoConfidenceMediumStatusNote

metadata

Source: unknown; Homepage: none; Install specifications: No install spec — this is an instruction-only skill.

The registry metadata gives limited provenance and setup information. The bundled code is present and no remote install script is shown, but users should still be aware of the provenance gap.

User impactUsers have less external context for the origin and maintenance of the bundled scripts.

RecommendationReview the included scripts before installation and ensure the local Node runtime requirement is acceptable in your environment.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse

SeverityLowConfidenceHighStatusNote

SKILL.md

Configure Telegram credentials in OpenClaw Gateway/channel config or environment variables.

External alert delivery may rely on Telegram or gateway credentials outside the skill files. This is expected for notifications, but it grants messaging authority.

User impactIf configured, the notification channel can send alerts to the chosen chat or destination.

RecommendationUse least-privilege notification credentials, keep tokens outside the skill files, and remove unused notification targets.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication

SeverityMediumConfidenceHighStatusNote

SKILL.md

Redfin fetch path uses `https://r.jina.ai/http/...` in this runtime. This is a third-party fetch proxy. ... Subscriptions/notifications can send data outside the runtime (`channel` + `to`).

The artifacts clearly disclose that listing URLs/content may pass through an external fetch proxy and that alert payloads may be delivered outside the local runtime.

User impactPublic listing URLs, fetched page content, and alert details may be visible to external services or notification recipients.

RecommendationOnly use public real-estate URLs, never pass internal/private URLs, and verify notification channels and recipients before subscribing.

Memory and Context Poisoning

SeverityLowConfidenceHighStatusNote

SKILL.md

The skill writes state under `./scripts/housing_scout/data/` (profiles, queries, subscriptions, snapshots, caches).

Housing preferences, budgets, saved queries, subscription destinations, snapshots, and provider caches are persisted locally and can affect later searches or alerts.

User impactSaved housing preferences and alert targets may remain in the skill workspace until deleted.

RecommendationPeriodically review and prune profiles, subscriptions, snapshots, and caches, especially if they contain personal locations, budgets, or chat IDs.