Skill v1.0.1

ClawScan security

aoyc · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign
Apr 20, 2026, 7:21 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
This is an instruction-only cross-border trade consultant skill (templates, SOPs, guides) that contains no code, no installers, and requests no credentials or system access — its declared functionality matches its requirements.
Guidance
This skill is content-only and appears coherent with its stated purpose. Before installing, consider: (1) the skill contains many ready-to-use email templates and scripts — review them for compliance with your company policies and local laws before sending; (2) do not paste or store private credentials, customer PII, or proprietary documents into prompts you send to the skill; (3) because it’s instruction-only, it won’t install binaries or request credentials, but verify any advice (legal, tax, customs) with qualified professionals; (4) if you enable autonomous invocation for agents that can act without prompting, consider restricting that behavior if you are concerned about automated outbound communications.

Review Dimensions

Purpose & Capability
ok
The name/description (cross-border trade advisor) aligns with the content: SKILL.md plus multiple reference docs with email templates, platform guides, trade terms and scripts. There are no unrelated requested binaries, env vars, or credentials.
Instruction Scope
ok
Runtime instructions define an advisory role and reference the bundled training_data files. The instructions do not tell the agent to read arbitrary system files, access external endpoints, or collect secrets; scope stays within providing business advice and using the included reference content.
Install Mechanism
ok
No install spec and no code files — instruction-only. This is the lowest-risk model because nothing is downloaded, extracted, or executed on the host.
Credentials
ok
The skill declares no required environment variables, no primary credential, and no config paths. There are no disproportionate or unexplained requests for secrets or external service credentials.
Persistence & Privilege
ok
always:false and default invocation settings. The skill does not request permanent/system-level presence or modifications to other skills/configs. Autonomous invocation is allowed (platform default) but not combined with other red flags.