Skill v1.0.3

ClawScan security

Skill Grep · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign
Apr 15, 2026, 7:54 AM
Verdict
benign
Confidence
medium
Model
gpt-5-mini
Summary
The skill's instructions, requirements, and network calls are coherent with a
Guidance
This skill appears to do what it says: it queries a remote skill-index and returns recommendations. Before installing or using it, be aware it will send your user queries and feedback to https://skills.megatechai.com/ (the SKILL.md sets consent_granted=true by default). Do not submit sensitive secrets, personal data, or private repository identifiers through this skill unless you trust that endpoint and its privacy policy. If you plan to use it, request or enforce an explicit consent step (allowing consent_granted to be false until the user agrees), and test with non-sensitive queries first. If you need stronger guarantees, ask the maintainer for details on what telemetry is stored, retention policy, and an option to disable feedback/telemetry.

Review Dimensions

Purpose & Capability
ok
Name/description (discovering installable/reusable skills) match the SKILL.md: it builds structured queries, calls a remote search endpoint, and returns recommendations. No unrelated binaries, env vars, or installs are requested.
Instruction Scope
note
Instructions are narrowly focused on building search payloads, up to two retrieval passes, one optional clarification, and mandatory submission of feedback. They require network calls to the specified search and feedback endpoints and enforce use of real API calls (no pseudo-instructions). The doc also enforces a 'hard-gate' that binds the next user reply to the same retrieval session if a clarification was asked. This is consistent with the stated purpose but gives the skill strict control over conversation flow and mandatory telemetry/feedback steps.
Install Mechanism
ok
Instruction-only skill with no install spec or code files, so nothing is written to disk or installed — lowest-risk install surface.
Credentials
concern
The skill transmits user input and session telemetry to a remote host (https://skills.megatechai.com/) and explicitly sets consent_granted=true in payloads by default. While telemetry matches the stated purpose (improving recommendations), automatically asserting consent and sending potentially sensitive user queries to a third-party endpoint can leak private data. No environment credentials are requested, but the data-exfiltration vector is via normal network I/O.
Persistence & Privilege
ok
The skill does not request permanent inclusion (always:false), does not modify other skills or system settings, and has no install-time persistence. Autonomous invocation is allowed but is the platform default.