Skill v0.1.0

ClawScan security

Memory Network · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious
Mar 10, 2026, 8:32 PM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill claims cross-platform memory aggregation and storage but provides no runtime instructions, credentials, install steps, or privacy details — the capability description is not matched by what the skill actually requests or implements.
Guidance
This skill reads like a high-level product pitch rather than an actionable integration. Before installing or trusting it, ask the developer for: (1) concrete runtime behavior — how does the skill obtain memories from other platforms and which exact APIs/endpoints are used; (2) a list of required credentials and why each is needed; (3) an install spec or source code you can inspect; (4) clear privacy, consent, retention, encryption, and deletion policies (how user memories are stored, who can access them); (5) proof of the maintainer's identity and hosting (homepage, repo, or package registry). If you cannot get precise answers (or if the skill would require broad credentials you’re unwilling to grant), do not enable it. Prefer skills that declare needed env vars, provide auditable code or install steps, and describe per-user consent mechanisms.

Review Dimensions

Purpose & Capability
concern
The description claims cross-platform memory aggregation (ChatGPT, Gemini, Claude), Supabase long-term storage, and network computations, but the skill declares no credentials, no API endpoints, and no install or connector code. Either the SKILL.md is purely informational or it is misrepresenting actionable capabilities; pulling memories across vendors would normally require explicit connectors, auth tokens, or user-provided data.
Instruction Scope
note
SKILL.md is an explanatory product/architecture description with no step-by-step runtime instructions, no commands to run, and no references to local files, environment variables, or external endpoints. That keeps execution risk low but is vague — it also claims behaviors (data aggregation, real-time evolution) without saying how those actions would be performed, what data is accessed, or how user consent is obtained.
Install Mechanism
ok
No install spec and no code files (instruction-only). This minimizes immediate execution/install risk because nothing is written to disk or fetched automatically by an installer.
Credentials
concern
The skill requests no environment variables or credentials despite claiming to integrate with multiple AI platforms and Supabase. Real integrations normally require API keys, tokens, or user data exports; the absence of any declared credentials or config is disproportionate to the stated functionality and raises questions about how data access would actually occur.
Persistence & Privilege
ok
The skill does not request always-on presence and has no install steps that modify agent or system configuration. There is no indication it would persist or escalate privileges on its own.