Skill v1.0.0
ClawScan security
TM Soil Moisture Skill · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 9, 2026, 10:19 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: This skill is internally consistent: it is a local, SQLite-backed soil moisture analysis tool and its code, instructions, and requirements align with the stated purpose.
- Guidance: This skill appears to do exactly what it claims: read a local SQLite DB and analyze sensor JSON for multi-depth soil moisture and irrigation advice. Before installing or running it, confirm the DB path (/usr/apps/config/agri.db) is the intended database and contains only data you permit the skill to read. If you plan to run it as an MCP service (pip install mcp and --mcp), be aware that it will expose the three tools to the host LLM environment — run that only on a trusted host or in an isolated environment. If you need the skill to warn automatically about low battery at the 3.5V threshold, consider patching the code to emit that specific warning. Otherwise there are no obvious requests for unrelated credentials or network exfiltration.
Review Dimensions
- Purpose & Capability (ok): The name/description (soil moisture analysis for 文冠果 (yellowhorn)) match the implementation: the code reads a local SQLite DB, parses multi-depth Soil_Temp/Soil_Humi fields, computes depth averages, and provides irrigation advice. No unrelated credentials, binaries, or network dependencies are required by default.
- Instruction Scope (note): SKILL.md instructs the agent to query a local SQLite DB and call three tools (query_device_data, calculate_depth_average, check_irrigation_advice) — the code implements exactly those. One minor scope note: SKILL.md mentions possible weather API integration, but the shipped code uses simulated weather (no external calls). Also the SKILL.md asks the assistant to 'proactively warn on low battery'; the code reports power but does not auto-emit a low-voltage warning string at the stated 3.5V threshold (it prints the battery value). This is a functional mismatch, not a confidentiality or lateral-access concern.
- Install Mechanism (ok): There is no install spec; the skill is instruction+script only. The only optional runtime dependency is the 'mcp' package (documented) to expose MCP tools. No downloads or archive extraction are performed.
- Credentials (ok): The skill requests no environment variables or external credentials. It does require read access to a local SQLite database at a hard-coded path (/usr/apps/config/agri.db), which is proportional to its purpose but does mean the skill needs filesystem access to that DB. No secret-exposing env vars or unrelated service keys are requested.
- Persistence & Privilege (ok): 'always' is false and the skill does not modify other skills or system-wide settings. If the optional 'mcp' package is installed and the script is run with --mcp, it will register callable tools — that is expected behavior for an MCP plugin and not excessive on its own.
