Skill v1.1.0

ClawScan security

A/B Interpreter · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 14, 2026, 2:25 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's requests and runtime instructions are consistent with an A/B test readout tool: it needs test data and statistical checks but asks for no unrelated credentials, installs, or system access.
Guidance
This skill appears coherent and focused on legitimate A/B readout tasks. Before installing or running it: (1) confirm where the skill came from (no homepage/source is listed) and consider requesting provenance or a maintainer contact; (2) only supply the minimal data needed — prefer aggregated counts and CIs where possible, or anonymize per-user rows before providing them, because some recommended tests call for per-user revenue series; (3) ensure human review of any 'Ship' decisions (the skill gives recommendations, not business authorization); and (4) if you plan to run it autonomously, restrict the data the agent can access to avoid accidental exposure of PII or other sensitive datasets.

Review Dimensions

Purpose & Capability
ok
The name/description (A/B Interpreter for ecommerce) match the SKILL.md and reference docs: it explains which tests to run (two-proportion z, Welch's t, segment cuts), what inputs are required (hypothesis, MDE, per-arm counts or per-user revenue series), and what outputs to produce. No unexpected binaries, env vars, or config paths are requested.
Instruction Scope
note
Instructions are narrowly focused on ingesting test setup and computing statistics, segment and guardrail checks, novelty assessment, and producing a verdict/template. There is no instruction to read system files, environment variables, or to call external endpoints. One important runtime expectation: some checks (e.g., Welch's t for revenue) require per-user revenue series rather than just aggregated summaries — that implies the agent will need raw test data supplied at runtime. Treat that as a data-scope requirement rather than a platform access issue.
Install Mechanism
ok
No install spec and no code files — this is an instruction-only skill. Nothing is downloaded or written to disk by the skill package itself.
Credentials
note
The skill requests no environment variables, credentials, or config paths (proportionate). However, some recommended analyses need raw per-user data (potentially sensitive), so the primary privacy/secret concern is the dataset you provide at runtime, not the skill asking for secrets.
Persistence & Privilege
ok
The skill is not marked always:true and does not request persistent system changes. It uses the platform's normal autonomous-invocation setting (disable-model-invocation:false), which is expected and not, by itself, a problem.