Skill v1.0.9
ClawScan security
ChipChain · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 16, 2026, 7:24 PM
- Verdict: Benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's requested APIs, instructions, and files are coherent with a semiconductor supply‑chain research purpose; the only notable mismatch is the presence of Python helper scripts despite no declared binaries or install steps.
- Guidance: This skill appears to be what it says: a research tool that uses Comtrade, OpenDART, e‑Stat, Lens, and KIPRIS. Before installing or enabling it, consider the following: (1) You must supply five API keys — create keys with least privilege and rate limits where possible, and do not reuse high‑privilege production credentials. (2) The package contains Python scripts, but SKILL.md does not declare required binaries or install steps. If you (or the agent) plan to execute those scripts, review their contents locally and run them in a sandboxed environment; verify that they do not call unexpected endpoints or execute arbitrary code. (3) The skill performs network queries to third‑party APIs and web search tools; be aware that any data you include in those queries can reach those services. (4) If you are not comfortable reviewing code, ask the author for a dependency/install manifest or a statement that the scripts are purely offline helpers. (5) Rotate or revoke the API keys if you stop using the skill. Overall the bundle is coherent with its stated purpose, but inspect the included scripts and prefer limited, test keys before granting full access.
Review Dimensions
- Purpose & Capability (ok): Name/description (semiconductor supply‑chain intelligence) align with the required environment variables (COMTRADE, OPENDART, ESTAT, LENS, KIPRIS) and with the SKILL.md guidance to query trade data, filings, patents, and multilingual sources. All requested credentials map to data sources explicitly referenced in sources.md.
- Instruction Scope (ok): SKILL.md limits activity to building queries, running multilingual web/API searches, triangulating sources, and strictly citing results. It does not instruct access to unrelated system files, unknown endpoints, or broad data exfiltration. It does require network access to the declared APIs and web search tools, which is expected for this task.
- Install Mechanism (note): No install spec (instruction-only), which is the lowest-risk mechanism. However, the repository includes four Python scripts (verify_tickers.py, verify_cas.py, _verify_common.py, verify_all.py). SKILL.md does not mention executing them or list required binaries; if the agent or user chooses to run those scripts, Python (and possibly additional dependencies) will be needed. The absence of declared binaries/install steps is an inconsistency worth noting.
- Credentials (ok): All required env vars are API keys for sources cited in SKILL.md and sources.md. The number of keys (five) is proportionate to a skill that aggregates Comtrade, Korea DART, Japan e‑Stat, Lens, and KIPRIS. No unrelated credentials, system secrets, or config paths are requested.
- Persistence & Privilege (ok): The always flag is false, and the skill does not request elevated platform privileges or the ability to modify other skills. disable-model-invocation is left at its default (false), which is normal and not by itself concerning here.
