Skill v1.0.0
ClawScan security
Web Searcher · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 11, 2026, 12:08 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's instructions, included helper script, and resource requirements match its stated purpose (web research) and do not request unexplained credentials, installs, or system access.
- Guidance: This skill appears to do what it promises: autonomous web searches, selective page fetches, cross-referencing, and synthesis. Before installing, consider: (1) It will fetch public pages (news, LinkedIn, company sites) and include URLs in outputs—avoid asking it to harvest private or authenticated content or supply credentials. (2) Scraping some sites (LinkedIn, paywalled content) may violate terms of service or require authentication; expect missed results for such sources. (3) Outputs are synthesized summaries — verify important claims against the cited source URLs. If you need stricter controls, only invoke this skill manually (it is user-invocable by default) and avoid granting any separate credentials or private tokens to it.
Review Dimensions
- Purpose & Capability (ok): Name/description (autonomous web research) align with the included SKILL.md and the small helper script. The only code (scripts/research_plan.py) simply builds search queries and limits (max_searches/max_fetches) which is appropriate for the stated function.
- Instruction Scope (ok): Runtime instructions tell the agent to run platform-provided web_search and web_fetch calls, follow links, compare sources, and cite URLs. They set explicit limits (max searches/fetches) and do not instruct reading local files, environment variables, or transmitting data to arbitrary external endpoints. The only notable behavior is explicit guidance to fetch public pages (e.g., LinkedIn/company pages) which is consistent with people/company research but may surface personal information—this is expected for the skill's purpose.
- Install Mechanism (ok): No install spec is provided (instruction-only), and the single included script is a small, local helper that does not fetch remote code or write to disk beyond its own presence. This is the lowest-risk install profile.
- Credentials (ok): The skill declares no required environment variables, no credentials, and no config paths. The SKILL.md does not reference any hidden env vars or secrets. This is proportionate to a read-only web research agent.
- Persistence & Privilege (ok): always:false and no install actions that modify agent/system configurations. The skill does not request persistent privileges or to modify other skills' settings.
