Back to skill
Skillv1.0.0
ClawScan security
Browser Bookmarks Cleanup · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignFeb 21, 2026, 5:39 AM
- Verdict
- Benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's code, instructions, and requirements are consistent with a local macOS browser-bookmarks analysis and cleanup tool and do not request unrelated credentials or network access.
- Guidance
- This skill appears to do only local analysis and opt-in cleanup of browser bookmarks and history. Before running: (1) review the generated plan JSON before using --write, (2) run a dry-run and keep the backup files it creates, (3) close the browser before committing changes as recommended, and (4) be aware the tool reads your History (places.sqlite) which contains visited URLs — treat that data as sensitive. Note the skill package has no homepage and an unknown publisher; if you require provenance, ask the publisher for source hosting or a reproducible release before trusting it with your real profiles.
Review Dimensions
- Purpose & Capability
- okName and description match the included scripts: discovery of Chrome/Firefox profiles, read-only analysis of bookmarks/history, proposal of a JSON plan, and an opt-in apply step that creates backups. The declared scope (macOS browser files) is consistent with the hardcoded BROWSER_ROOTS and commands.
- Instruction Scope
- okSKILL.md commands map directly to the CLI scripts. The runtime instructions confine operations to local files (Bookmarks JSON, places.sqlite, History) and require explicit user approval and a --write flag for changes. The SKILL.md 'Hard Safety Rule' (no network requests to bookmark URLs) is respected by the code (no network libraries or outbound calls present).
- Install Mechanism
- okThere is no install spec or external download; the skill is delivered as code files that run with the system Python. No third-party packages, remote URLs, or extract/install steps are present in the package.
- Credentials
- okThe skill requests no environment variables, credentials, or external tokens. It accesses only local browser files (Bookmarks JSON, Local State, places.sqlite, History) appropriate for its stated purpose.
- Persistence & Privilege
- okThe skill is not always-enabled and is user-invocable. It does not modify other skills or system-wide agent settings. Write operations are opt-in, perform a timestamped backup, and the code provides a rollback path.