Skill v1.0.3
ClawScan security
RFC Document Assistant · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 13, 2026, 7:17 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill is internally consistent with its stated purpose (a thin wrapper that uses the x-cmd CLI to read/search RFCs); the main risk is the optional installation of an external CLI via a high-risk curl|sh installer — otherwise no unexpected privileges or secrets are requested.
- Guidance
- This skill appears to do what it says: it requires the x-cmd CLI to function and provides clear install options. Before installing: prefer the Homebrew bottle (recommended) or download-and-review workflow. Avoid running curl -fsSL https://get.x-cmd.com | sh on machines with secrets or in production. If you allow the agent to install, require explicit consent and verify checksums/signatures. The skill itself does not ask for credentials or system-wide access, but installing third-party binaries always carries supply-chain risk—review install scripts or use disposable environments if you must auto-install.
Review Dimensions
- Purpose & Capability
- ok · The skill is an instruction-only wrapper that sources and uses an external CLI (x-cmd) to list, view, and search RFCs. Requesting the x-cmd loader (~/.x-cmd.root/X) is reasonable for this purpose and there are no unrelated env vars, binaries, or capabilities requested.
- Instruction Scope
- note · SKILL.md confines runtime actions to sourcing the x-cmd loader and running x rfc commands. It references the user-local path ~/.x-cmd.root/X; it does not ask the agent to read unrelated files or credentials. Note: the included install guide instructs the agent how to install x-cmd (including an auto-install option), which expands the agent's actions if the user consents.
- Install Mechanism
- note · There is no built-in install spec, but data/install.md documents three install paths: Homebrew (low risk), manual-download-and-review (medium risk), and a curl | sh auto-install (high risk). The guide explicitly warns about the auto-install approach. The presence of a one-liner that executes remote code without review is a legitimate installation convenience but a higher-risk mechanism; prefer Homebrew or manual review.
- Credentials
- ok · The skill declares no required environment variables, no credentials, and no privileged config paths. Installation is scoped to the user home (~/.x-cmd.root/), which is proportionate to installing a user-level CLI.
- Persistence & Privilege
- ok · always:false and normal autonomous invocation are used. The skill may install user-local files under ~/.x-cmd.root/ if the user permits, which is expected for a CLI-based skill. It does not request system-wide or cross-skill configuration changes.
