Back to skill
Skillv0.1.0
ClawScan security
mesagona · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignFeb 18, 2026, 1:45 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- This skill is an informational namespace that only runs a small included script to print static brand/feature text or JSON and does not request credentials, perform network calls, or install additional software.
- Guidance
- This skill appears low-risk: it only prints static text/JSON from an included script and asks for no credentials. Before installing, verify the author (owner ID vs. public website), confirm you trust the source (there's no homepage listed in the registry metadata even though README points to netsnek.com), and note the small license inconsistency between README (MIT) and the script JSON ('All rights reserved'). If you are concerned, inspect the included scripts (they are short) or run the skill in a sandboxed environment. Otherwise it is safe to install for informational/display use.
Review Dimensions
- Purpose & Capability
- okThe name/description (brand/feature info for an events product) match the contained artifacts: SKILL.md directs the agent to run scripts/mesagona-info.sh, and that script outputs brand text, a feature list, or static JSON. Nothing in the bundle suggests capabilities beyond providing informational output.
- Instruction Scope
- okRuntime instructions are narrowly scoped: run scripts/mesagona-info.sh (with optional flags). The script contains only static echo/cat of embedded JSON/text. It does not read files, environment variables, system config, or send data over the network.
- Install Mechanism
- okThere is no install spec and no external downloads. The skill is instruction-only with a single small script included in the package, so nothing is written to disk beyond the packaged files and no external code is fetched at install time.
- Credentials
- okThe skill declares no required environment variables, credentials, or config paths and its behavior does not access secrets. The requested 'exec' permission is appropriate for running the included script. (Minor note: README states MIT license while the embedded JSON uses 'All rights reserved'—a documentation inconsistency but not a security issue.)
- Persistence & Privilege
- okalways is false and the skill is user-invocable. Model invocation is enabled (normal). The skill does not attempt to modify other skills or system-wide agent settings; it only executes its own script.