Skill v1.0.0
ClawScan security
Customer Background Check · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 10, 2026, 2:52 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's declared purpose (a three-check compliance background check) matches its instructions: it is an instruction-only skill that directs browser searches of OFAC and ECFR pages and drafts coordination messages; it requests no credentials and installs nothing.
- Guidance: This skill is coherent and does what it says: it will use a browser tool to query OFAC and ECFR pages and draft a request to internal colleagues. Before installing or running it, verify: (1) your agent's browser/tooling is sandboxed and you are comfortable having the company name/address you provide entered into public government search forms; (2) the 'Dora'/'Shellen' recipients are correct and you want the agent to potentially send messages (the skill says to confirm before sending; prefer drafting only); (3) always manually review any "疑似命中/需人工复核" (suspected hit / needs manual review) findings before making compliance decisions; and (4) if you need stricter data handling (avoid sending full PII), redact unnecessary fields before asking the skill to run. If you want additional assurance, request a version that logs less context or that runs in read-only/manual mode so the agent only provides guidance instead of performing web interactions.
Review Dimensions
- Purpose & Capability (ok): Name, description and SKILL.md all consistently describe OFAC name/address checks, ECFR address text search, and drafting a message to internal contacts. The skill does not request unrelated binaries, env vars, or installs.
- Instruction Scope (note): Instructions explicitly direct the agent to open two government sites, fill search fields, perform Ctrl+F style page searches, extract visible result text, and draft messages. This is within the stated purpose. Note: the skill expects semi-automatic web interactions (browser tooling) and reading page contents, so the agent will transmit user-provided company/address info to those public sites and will observe page content.
- Install Mechanism (ok): No install spec and no code files; lowest install risk. The skill is instruction-only and nothing is written to disk or fetched during install.
- Credentials (ok): The skill requires no environment variables, credentials, or config paths. Requested actions (web searches and message drafting) do not require additional secrets, so the lack of credential requests is proportionate.
- Persistence & Privilege (ok): always:false and user-invocable; autonomous invocation is allowed by platform default, but the skill does not request elevated or persistent privileges or modify other skills. The SKILL.md instructs the agent to confirm before sending messages to contacts.
