Back to skill
Skillv1.0.2
ClawScan security
Iso42001 Aims Readiness · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
SuspiciousMar 16, 2026, 3:10 AM
- Verdict
- suspicious
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The skill is mostly coherent for an API-backed ISO 42001 readiness assessor, but a few inconsistencies and a TLS-suppressing test script create privacy/transport risks and warrant caution before installing.
- Guidance
- This skill appears to do what it claims (call ToolWeb to produce an ISO 42001 readiness report) and only needs one API key, but review the following before installing: 1) Understand privacy: the skill sends organization-specific details to portal.toolweb.in—do not send sensitive secrets or PII unless you trust the service and have reviewed its privacy/legal terms. 2) Fix the test script: it uses curl -k which disables TLS verification; ask the author to remove -k or explain why it's needed. 3) Confirm the correct API endpoint and port (SKILL.md and the test script differ). 4) Use a scoped API key or test key first and verify billing/pricing expectations. 5) Check the portal.toolweb.in/service reputation (signup, contact, and ownership) before sharing real organizational data. If the author can explain/resolve the -k usage and the endpoint mismatch, the remaining design is proportionate; otherwise treat calls as potential data exfiltration and test only with non-sensitive data.
Review Dimensions
- Purpose & Capability
- okName, description, required binary (curl) and single required env var (TOOLWEB_API_KEY) align with an API-based readiness assessment service; asking for organization and governance details is expected for this purpose.
- Instruction Scope
- noteSKILL.md explicitly requires calling the ToolWeb API for every assessment and instructs gathering organizational details (org name, industry, AI role, policies, counts). That behavior is coherent but means potentially sensitive organizational data will be sent to a third party; the skill also instructs the agent not to answer from its own knowledge, which forces outbound data sharing rather than local reasoning.
- Install Mechanism
- concernThe skill is instruction-only (low install risk) but includes a test script that invokes curl with -k (insecure: disables TLS cert verification) and points to a different endpoint (https://portal.toolweb.in:8443/iso42001) than the SKILL.md API path (https://portal.toolweb.in/apis/iso42001). The -k flag weakens transport security and the endpoint mismatch is an inconsistency that should be clarified.
- Credentials
- okOnly one credential is requested (TOOLWEB_API_KEY) and it is used as the primary API key—this is appropriate and proportionate for an external SaaS API integration.
- Persistence & Privilege
- okThe skill does not request always:true or any elevated platform privileges and is user-invocable only; no indications it modifies other skills or system-wide settings.