Skill v2.1.1
ClawScan security
Engineering Manager Intelligence — Team Performance & Project Health · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 9, 2026, 10:00 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, instructions, and required secrets align with its stated purpose (engineering-manager reports across GitLab/GitHub and Jira); there are no obvious mismatches or hidden endpoints.
- Guidance: This skill appears to do what it says: collect data from GitHub/GitLab and Jira and produce reports. Before installing or running it: 1) Inspect requirements.txt and install only packages you trust (the setup runs pip install -r requirements.txt). 2) Prefer least-privilege tokens (read-only scopes) and separate service accounts where possible. 3) The setup writes credentials in plaintext to a .env file in the skill directory; restrict that file to its owner, or use an env-file mechanism with proper filesystem protections. 4) Use the --dry-run flag to preview output without credentials. 5) If you must run the setup on a shared machine, run it inside an isolated environment (Python venv or Docker) to limit side effects. Overall, the pieces are coherent with the stated purpose.
Review Dimensions
- Purpose & Capability (ok): Name/description (team performance, contributions, Jira/GitHub/GitLab integration, delivery channels) matches the included adapters, report commands, and delivery code. The adapters expect GitLab/GitHub tokens, Jira tokens, and optional Slack/Telegram/SMTP settings, all consistent with the declared functionality.
- Instruction Scope (note): SKILL.md and the setup wizard instruct the agent to check for a .env, run the CLI (em_intel.py), and optionally run a setup flow that opens token pages, writes a .env, installs dependencies, and runs doctor. These runtime actions access only the skill directory, prompt for tokens, and call the documented APIs; they do not instruct the agent to read unrelated system files or exfiltrate data to unknown endpoints. Note: the setup uses webbrowser.open and subprocess.run (pip, docker), which execute on the host; that is expected for a CLI-style tool but worth noting.
- Install Mechanism (note): There is no registry install spec; installation is manual. The setup wizard runs pip install -r requirements.txt and may build a Docker image. That is a standard pattern but introduces the usual risks of installing third-party Python packages and building/running containers; review requirements.txt and exercise the usual caution before running pip/docker commands.
- Credentials (note): The skill requires multiple credentials (GITLAB_TOKEN/GITHUB_TOKEN, JIRA_TOKEN/JIRA_EMAIL, and optional SMTP/SLACK/TELEGRAM credentials), all directly needed for the described integrations and delivery channels. Registry metadata lists no required env vars, a minor inconsistency; the skill expects the credentials to be supplied via a .env file created by the setup wizard. The setup persists secrets in a plaintext .env under the skill directory, which is expected but a security consideration.
- Persistence & Privilege (note): always:false (no forced presence). The setup wizard writes a .env file, may run pip install and docker build/run, and may create an em-intel Docker image. The skill does not modify other skills or system-wide config beyond typical dependency installation and writing its own config. These actions alter the local environment and should be run only on trusted machines.
