Skill v1.0.0
ClawScan security
Ubuntu Hardening V2 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 30, 2026, 5:02 PM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill appears to be a wrapper around a remote hardening API and is internally plausible, but missing provenance and auth details plus external download links create risk and some inconsistencies you should review before installing.
- Guidance: This skill appears to describe a remote API that returns hardening configuration files. Before installing or allowing automatic use:
  1. Verify the provider (toolweb.in / api.mkkpro.com) and confirm the skill's publisher and homepage; the registry entry lacks provenance.
  2. Ask how authentication is intended to work; don't provide credentials unless you confirm they are necessary and to whom they will be sent.
  3. Treat any downloadUrl from an external server as untrusted: review downloaded configuration files in an isolated/test environment before applying them to production systems.
  4. If you plan to let an agent fetch/apply configurations automatically, restrict network access or sandbox the agent and require manual approval for any changes.
  5. If you need higher assurance, request an implementation that declares required API keys, TLS endpoints, and a verified publisher, or prefer an open-source local tool you can audit.
Review Dimensions
- Purpose & Capability (note): The SKILL.md and openapi.json align: the skill documents an API that generates Ubuntu 22.04 STIG-style configurations. That purpose matches the name and description. However, the registry metadata shows unknown source/homepage, and the SKILL.md advertises paid plans and external domains (toolweb.in, api.mkkpro.com) but the skill does not declare any required credentials or provenance; this is unexpected for a commercial API integration.
- Instruction Scope (note): The runtime instructions are limited to describing HTTP endpoints (POST /api/hardening/generate etc.) and example request/response payloads; they do not instruct the agent to read local system files or access secrets. However, example responses include downloadUrl fields pointing at an external host (api.mkkpro.com). That implies the agent or user may fetch and apply configuration files from an external server, a potentially risky action if performed automatically without review.
- Install Mechanism (ok): This is an instruction-only skill with no install spec and no code files to run, so there is no installer footprint on disk from the skill itself.
- Credentials (note): The skill requests no environment variables or credentials. Given the SKILL.md references a commercial API and pricing tiers, one would normally expect an API key or token to be required; the absence of any declared auth mechanism is an omission that reduces transparency and may force callers to embed credentials in prompts or agent code.
- Persistence & Privilege (ok): always:false and default invocation settings are used; the skill does not request persistent or elevated platform privileges and does not claim to modify other skills or system-wide settings.
