Skill v1.0.0
ClawScan security
Parenting Hub · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 24, 2026, 4:19 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill is internally coherent: a read-only, instruction-only parenting evidence retriever that calls a public Mom AI Agent KB API and requests no credentials, installs, or system access.
- Guidance: This skill appears coherent and low-risk: it only reads from a public Mom AI Agent KB API and requests no credentials or local access. Before installing, consider: 1) The skill will send user queries to https://www.momaiagent.com — verify you trust that domain and its privacy practices (do not send sensitive personal identifiers or private medical records). 2) The skill’s source/homepage is missing in the registry metadata (owner id present but homepage unknown); if you need stronger assurance, confirm the publisher or review the live API domain to ensure it’s legitimate. 3) The agent is allowed to invoke the skill implicitly — that’s normal, but if you want to prevent automatic calls, restrict implicit/autonomous invocation in your agent settings. If those items are acceptable, the skill’s behavior and requirements line up with its stated purpose.
Review Dimensions
- Purpose & Capability (ok): Name, description, and runtime instructions all describe read-only retrieval from the public Mom AI Agent KB API (https://www.momaiagent.com/api/kb). The skill declares no binaries, env vars, or config paths — which is proportionate for a read-only evidence-retrieval skill.
- Instruction Scope (ok): SKILL.md restricts behavior to calling the documented public endpoints, cites exact endpoints and fields to use, and explicitly prohibits write operations, private-data access, or local file reads. There are no instructions to read system files, environment variables, or transmit data to unexpected endpoints.
- Install Mechanism (ok): No install spec and no code files — instruction-only skill with nothing written to disk. This is the lowest-risk install model and matches the claimed purpose.
- Credentials (ok): The skill requires no environment variables, no credentials, and no config paths. That is appropriate for a public, read-only API integration.
- Persistence & Privilege (ok): Flags show always:false and user-invocable:true. The included agents/openai.yaml allows implicit invocation (policy.allow_implicit_invocation: true), meaning the agent may call the skill autonomously when eligible — this is normal for skills and acceptable here because the skill is read-only and does not request extra privileges.
