Back to skill
Skillv1.0.0
ClawScan security
Milvus · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 18, 2026, 8:00 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's requirements and runtime instructions match its Milvus/vector-database purpose (Python + pymilvus + MILVUS_URI); nothing requested is out of scope or unexplained.
- Guidance
- This skill appears coherent for operating Milvus via Python. Before installing: (1) confirm the install source for pymilvus (prefer the official PyPI/package repository and a known version); (2) be prepared to provide MILVUS_URI (it may include host, port, and credentials) and/or tokens — treat those as secrets; (3) if connecting to a remote Milvus, ensure network access and that you use least-privilege credentials (narrow-scoped API key or limited user) and TLS; (4) if you only need local/dev work, prefer Milvus Lite to avoid sending data to remote endpoints. If you want higher assurance, request the skill's exact installer details (what 'uv' means) and the exact pymilvus version it will install.
Review Dimensions
- Purpose & Capability
- okName/description match the declared requirements: python3 and the pymilvus package are appropriate for operating Milvus. Declared primary credential MILVUS_URI fits the purpose (connection string/endpoint).
- Instruction Scope
- okSKILL.md contains only Milvus-related code examples and instructions (connect, schema, collections, search, RBAC). It does not instruct reading unrelated system files or environment variables beyond connection/auth details.
- Install Mechanism
- noteInstall spec installs the pymilvus package (expected). The installer kind is listed as 'uv' which is uncommon/ambiguous in the metadata — likely a package install from Python package registry, which is reasonable, but you should confirm the install source is the official PyPI release for pymilvus before installing.
- Credentials
- okOnly a single primaryEnv (MILVUS_URI) is declared — appropriate for a database client. The skill references token/user/password as connection parameters in examples but does not require unrelated secrets. Note: connection URIs or token parameters may contain sensitive credentials, so treat MILVUS_URI as secret.
- Persistence & Privilege
- okalways is false and the skill is user-invocable; it does not request persistent elevated privileges or write to other skills' configs. No indicators of privileged or forced installation.