Skill v1.0.0
ClawScan security
code-score · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 17, 2026, 8:20 AM
- Verdict
- suspicious
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The skill claims to evaluate Go code but its runtime instructions are opaque binary data (SKILL.md is unreadable), so its actual behavior cannot be verified and does not align with the declared, benign surface.
- Guidance
- Do not install or enable this skill until the publisher provides readable SKILL.md and documentation. Specific steps to consider: (1) Ask the publisher for plain-text runtime instructions and which tools/APIs it uses. (2) Verify why no Go tools or API credentials are declared if the skill analyzes Go code. (3) If you must test it, run it in an isolated environment with restricted agent autonomy and network access. (4) Prefer skills whose SKILL.md is human-readable and whose requirements (binaries, env vars) match the stated purpose. The current opaque/binary files are an unexplained mismatch and could hide harmful behavior.
Review Dimensions
- Purpose & Capability
- concern: Name/description say "evaluate Go code", but there are no readable instructions, no declared required Go tools (gofmt/govet/staticcheck), and no API credentials for a hosted analysis service — the required capabilities to perform the task are missing or undocumented.
- Instruction Scope
- concern: The SKILL.md (the runtime instructions) is a binary/garbled blob and not human-readable. Because instructions are opaque, we cannot confirm what the agent will be told to do at runtime; hidden or malicious directives could be present.
- Install Mechanism
- note: No install spec (instruction-only), which normally reduces risk. However, the included files (SKILL.md, README.md, config.md) are binary/obfuscated rather than plain text, which is unusual for an instruction-only skill and raises suspicion about intentional concealment.
- Credentials
- ok: The manifest declares no required environment variables, credentials, or config paths. That is proportionate for a purely local, read-only linter. But because the instructions are unreadable, we cannot confirm whether runtime steps would access other secrets or files not declared.
- Persistence & Privilege
- ok: Defaults are normal (always:false, agent invocation allowed). The skill does not request elevated or persistent privileges in the registry metadata.
