Skill v0.1.0

ClawScan security

test-jiaodian-lin-demo · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign (Mar 17, 2026, 9:49 AM)
Verdict: benign
Confidence: medium
Model: gpt-5-mini
Summary
The skill's code and instructions match its stated purpose (a paid/demo skill that validates a license key) and request only a single license env var, though there are a few minor metadata inconsistencies and trust signals to check before installing.
Guidance
This appears to be a straightforward paid-skill demo that only checks a SKILL_LICENSE_KEY value before running its demo logic. Before installing: (1) confirm you trust the publisher/source (no homepage or upstream source is provided), (2) prefer to store the license key in the platform's secret store rather than a plain environment variable if possible (env vars can leak to other processes), (3) verify you have a Python runtime available, and (4) inspect the files yourself — the code is local and doesn't perform network calls, but commented code shows where a developer might add remote verification. The main actionable issues are metadata inconsistencies (declared requirements vs. actual files) and the lack of an upstream homepage; these are not evidence of malicious behavior but are reasons to review/confirm before enabling on production agents.

Review Dimensions

Purpose & Capability
note: The skill is a paid-skill demo that enforces a license key, and its files implement that behavior. However, the top-level 'Requirements' block in the provided metadata said 'Required env vars: none' while skill.json and SKILL.md require SKILL_LICENSE_KEY, an internal inconsistency. Also, the skill is a Python script but declared 'required binaries: none' (it will need a Python interpreter at runtime).
Instruction Scope
ok: SKILL.md and the bundled scripts only instruct to read SKILL_LICENSE_KEY and perform a local hash check; no instructions ask the agent to read unrelated files, call external endpoints, or exfiltrate data. Network verification is only shown as commented example code.
Install Mechanism
ok: There is no install spec (instruction-only with two bundled Python scripts). This is low-risk; the platform will simply execute the provided Python script. Note: the package expects a Python runtime but does not declare required binaries.
Credentials
note: The skill requires a single license environment variable (SKILL_LICENSE_KEY), which is proportional to a paid/demo skill. The earlier metadata omission of required env vars is inconsistent with the actual files and should be corrected/confirmed.
Persistence & Privilege
ok: The skill does not request always:true and does not modify other skills or system config. skill.json sets 'enabled': true (enabled by default), which is normal but worth noting: the skill can be invoked by agents per platform defaults.