Skill v0.0.0-nightly.e055304
ClawScan security
p4u · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 12, 2026, 11:33 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill is an instruction-only wrapper for the p4u binary that consistently asks the agent to run p4/p4u commands; its requirements and instructions align with its stated Perforce CLI purpose.
- Guidance: This skill is internally consistent with being a Perforce CLI helper, but take these practical precautions before installing or allowing autonomous runs:
  1. Only install the p4u binary yourself after verifying the checksum and that you trust the GitHub repo/nightly channel referenced.
  2. Do not allow the agent to execute the provided install commands autonomously; SKILL.md explicitly says not to.
  3. Perforce credentials are handled by the p4 client (run `p4 login` yourself); you should not paste secrets into the skill.
  4. The skill documents destructive commands and requires confirmation — pay attention to prompts before confirming delete/revert operations.
  5. If you need stronger assurance, review the p4u binary source or prefer a tagged/stable release rather than 'nightly'.
- Findings: [no-code-files-scan] expected: The package is instruction-only (SKILL.md + _meta.json). The regex scanner had no code files to analyze; this is expected for an instruction-only skill. Security-relevant behavior is described in SKILL.md rather than code.
Review Dimensions
- Purpose & Capability (ok): Name/description describe a Perforce CLI helper and the SKILL.md only instructs use of p4u and p4; there are no unrelated credentials, binaries, or config paths requested. The added install instructions (GitHub and Perforce downloads) are consistent with installing the described tool.
- Instruction Scope (note): SKILL.md tells the agent to run p4u/p4 commands and to check for the p4u binary first (rule 0). It also contains manual install steps (curl/Invoke-WebRequest and sudo mv). The doc explicitly warns not to run installs autonomously and requires explicit confirmation for destructive actions — this scope is appropriate but the presence of concrete install commands means the agent must not execute them without user consent.
- Install Mechanism (note): There is no registry install spec (instruction-only). The SKILL.md suggests downloading pre-built binaries from GitHub releases and official Perforce download URLs and includes checksum verification. These are common install methods; use of a nightly release channel is noted and may carry typical trust/upgrade considerations.
- Credentials (ok): The skill requests no environment variables, no credentials, and no config paths. It relies on the locally-installed p4 client for authentication (user must run `p4 login`) which is proportional to the stated functionality.
- Persistence & Privilege (ok): The skill is not always-enabled and doesn't request persistent privileges or to modify other skills. Model invocation is allowed (platform default), which is expected for a user-invocable CLI helper; there is no evidence of excessive requested persistence.
