Skill v1.0.1

ClawScan security

Puter Deployer · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 8, 2026, 7:21 PM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill's required actions, files, and scripts match its stated purpose (deploying Puter-hosted web sites); nothing requests unrelated credentials or performs unexpected network access or execution beyond normal deploy and verification steps.
Guidance
This skill appears coherent and limited to deploying Puter-hosted sites, but review a few practical points before installing:
1) The scripts are included and straightforward; you can read/run preflight.sh and verify_url.sh locally to confirm behavior.
2) The SKILL.md's suggestion to "inspect active puter-cli source behavior" is vague; decide whether you want the agent to perform any source or network inspection (you may prefer to do that manually).
3) Ensure your local 'puter' CLI is from a trusted source and that you do not paste long-lived tokens into chat; the skill relies on your existing CLI auth session.
4) Keep the explicit-confirmation guardrails in place for production targets.
If you want higher assurance, run the preflight and verification steps yourself once before letting the agent run them autonomously.

Review Dimensions

Purpose & Capability
ok: Name/description match the included instructions and helper scripts. The skill checks for the 'puter' CLI, validates build output, offers CLI and API fallback deployment paths, and verifies the deployed URL, all coherent with a Puter deployer.
Instruction Scope
note: Runtime instructions and the two shipped scripts operate only on the declared project/build paths, the local 'puter' CLI, and the target URL (via curl). One ambiguous item: the SKILL.md says to "inspect active puter-cli source behavior before pushing" when API details are unclear. That could lead the agent to read installed CLI source, inspect network traffic, or otherwise perform broader observation. The included scripts themselves do not perform such inspections.
Install Mechanism
ok: No install spec (instruction-only) and included helper scripts are small, non-obfuscated shell scripts. Nothing is downloaded or extracted from external URLs during install.
Credentials
ok: The skill declares no required environment variables or credentials. It relies on the user's existing 'puter' CLI session for authentication (which is appropriate for a CLI-first deploy tool) and does not request unrelated secrets.
Persistence & Privilege
ok: The skill is not always-enabled and does not request elevated or persistent platform privileges. Guardrails in SKILL.md require explicit confirmation before destructive actions and forbid printing auth tokens.