Skill v1.0.0
ClawScan security
python · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict: Benign (Mar 14, 2026, 2:43 PM)
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's requirements, instructions, and included helper script align with its stated purpose of managing Python venvs and installing packages; nothing requested or installed appears disproportionate or unrelated.
- Guidance: This skill appears to do exactly what it says: create/repair virtualenvs and install packages using the included python_env_tool.py helper. Before installing or running it:
  1. review any requirements.txt/pyproject you plan to install—package install scripts can run code; only install from trusted sources;
  2. note the bootstrap --recreate option will delete the venv directory if present;
  3. the skill will call pip to fetch packages from the network (PyPI), so consider running it in an isolated environment if you handle sensitive data;
  4. if you do not want the agent to invoke this skill autonomously, disable implicit/automatic invocation in your agent settings.
  Overall the skill is coherent and proportional to its stated purpose.
Review Dimensions
- Purpose & Capability (ok): Name/description (Python environment helper) matches required binaries (python3, pip/pip3), the brew install of python, and the bundled python_env_tool.py script which implements venv bootstrap/install/doctor commands.
- Instruction Scope (ok): SKILL.md instructs running the bundled helper and standard Python tools (venv, pip, pytest). It does not request reading unrelated files or secrets. The guidance explicitly recommends safe practices (inspect dependency files, prefer venvs). The helper runs subprocesses to perform expected package installs and venv creation.
- Install Mechanism (ok): Install metadata uses the standard brew formula 'python' (and an apt alternative) to provide python3/pip. This is an expected, low-risk install mechanism for this purpose.
- Credentials (note): No environment variables or credentials are requested (proportionate). One operational note: the skill installs packages from external sources (pip/PyPI) which can execute arbitrary code at install time—this is expected for a package installation helper but is an operational risk the user should consider before installing untrusted requirements.
- Persistence & Privilege (ok): always:false and no system-wide config changes are requested. The agents/openai.yaml permits implicit/automatic invocation (allow_implicit_invocation: true), which is normal for skills; there are no additional broad privileges or modifications to other skills.
