Skill v1.0.0
ClawScan security
ArduPilot Drone Control · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 15, 2026, 2:29 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's instructions and requirements are consistent with its stated purpose (controlling ArduPilot via pymavlink); nothing in the bundle asks for unrelated credentials or installs arbitrary remote code, but it instructs potentially risky direct control actions that you should review before use.
- Guidance: This skill appears to do what it says: direct control of an ArduPilot vehicle via pymavlink. Before installing or using it: 1) only use it in a safe test environment or simulator first — the instructions explicitly require immediate, repeated control commands and a hard-coded 'force' value that could be unsafe on a live drone; 2) ensure the runtime has access to the local MAVLink endpoint (TCP/serial) and that you trust the source (no homepage/source provided); 3) manually install and verify pymavlink in an isolated environment rather than auto-running unknown code; 4) review and understand each MAVLink command (ARM/TAKEOFF/LAND) and the implications of the '21196' value; and 5) don't run this against a real aircraft until you verify behavior in simulation and have safety cutoffs (kill switch, geofence, spotter).
Review Dimensions
- Purpose & Capability (ok): Name/description say it controls ArduPilot via pymavlink and the SKILL.md contains only pymavlink-based MAVLink commands and connection details — these are coherent with the stated purpose.
- Instruction Scope (note): Instructions focus on connecting to a local MAVLink endpoint (tcp:localhost:5762), sending ARM/GUIDED/TAKEOFF/LAND and monitoring telemetry; they do not read unrelated files or exfiltrate data. Notes of caution: the guide mandates continuous immediate command sending and uses a hard-coded 'magic' force value (21196), which is operationally significant and potentially unsafe if used on a real vehicle without understanding implications. The SKILL.md also tells the user to run 'pip install pymavlink' even though no install spec is declared in metadata.
- Install Mechanism (note): This is instruction-only (no install spec, no code files) which is low risk from an installation perspective. The README requests pip installing pymavlink, but the skill metadata does not declare this dependency — a minor mismatch to be aware of but not itself malicious.
- Credentials (ok): The skill declares no environment variables or credentials, which is appropriate. It does implicitly require network/host access to connect to local MAVLink endpoints (TCP or serial) and permission to install Python packages if the operator follows the instructions.
- Persistence & Privilege (ok): 'always' is false and the skill does not request persistent/system-wide privileges or modify other skills. The skill can be invoked autonomously (platform default), which is expected for an actionable control skill.
