Skill v1.0.0
ClawScan security
Map your memories · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 10, 2026, 2:59 PM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's description (visualizing geo-tagged memories) matches the SKILL.md features, but the runtime instructions reference a CLI and data sources that are not provided or declared, and the instructions are vague about where user data comes from and how privacy is enforced.
- Guidance: Before installing, ask the publisher for: (1) the source or homepage and a release/distribution method for the 'memory-map' CLI the SKILL.md references, (2) concrete instructions on where and how the skill will access user memories (local files, cloud photo services, device location) and what permissions it needs, (3) details on privacy controls and whether any data is uploaded to external servers, and (4) code or a vetted binary you can inspect or verify. If the vendor cannot provide an executable or install instructions, treat the skill as incomplete and do not grant it access to your personal location or photo data. Because the skill is vague about data access and references an undeclared CLI, consider this suspicious until those gaps are clarified.
Review Dimensions
- Purpose & Capability (concern): The SKILL.md expects a 'memory-map' CLI (commands like `memory-map render <user-id>`) but the skill declares no required binaries and provides no install spec or code. Either the platform must already have this CLI available or the skill is incomplete; this mismatch makes the capability claim incoherent.
- Instruction Scope (concern): Instructions are high-level and do not state where memory data is sourced, how `<user-id>` maps to actual data, or how privacy controls are implemented. They direct the agent to run an unspecified CLI and perform operations (rendering, exporting, sharing) without describing required permissions or endpoints, granting the agent broad, undefined discretion.
- Install Mechanism (ok): There is no install spec and no code files, which is low risk from an installation perspective. However, the absence of an install mechanism is itself the source of incoherence because the instructions assume an available CLI.
- Credentials (ok): The skill requests no environment variables, credentials, or config paths. There are no disproportionate credential requests in the metadata.
- Persistence & Privilege (ok): The skill does not request always-on presence and uses default autonomous invocation. That is normal; no elevated persistence or modification of other skills is requested.
