Skill v1.0.0
ClawScan security
People Strategy · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 14, 2026, 3:47 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, instructions, and requirements are consistent with a local SQLite-based personal CRM; it does not request unrelated credentials, perform network activity, or install external software.
- Guidance: This skill appears to do what it claims: a local, SQLite-backed people/relationship manager implemented in plain Python. Before installing, note that it will create and store potentially sensitive personal data in a local file (default 'people.db' in the working directory). Consider: (1) running it in a controlled environment (virtualenv or container), (2) setting strict file permissions or encrypting the DB if you store sensitive PII, (3) making regular backups and handling export files carefully, and (4) reviewing the code if you plan to run it in a multi-user or production environment (e.g., enable SQLite foreign key enforcement if you rely on ON DELETE CASCADE). There are no network calls or credential requests in the code, so risk is limited to local data storage and normal software bugs rather than exfiltration.
Review Dimensions
- Purpose & Capability: ok. The name/description (persistent SQLite graph of people/relationships) matches the included code and SKILL.md. The files implement local DB creation, CRUD operations, graph exports, and a CLI as described. No unrelated dependencies, binaries, or credentials are requested.
- Instruction Scope: ok. SKILL.md and the code only reference local SQLite operations and local CLI usage. There are no instructions to read unrelated system files, access other services, or transmit data externally. The runtime behavior described aligns with the provided CLI and Python API examples.
- Install Mechanism: ok. There is no install script or external download; requirements.txt lists no external dependencies and the code uses only the Python standard library. Nothing is written to unusual system locations—the DB is created at the given path (default 'people.db').
- Credentials: ok. The skill requires no environment variables, credentials, or config paths. The code uses a local SQLite file and does not access tokens, secrets, or external services.
- Persistence & Privilege: ok. The skill does not request persistent platform privileges (always:false). It stores data locally in a SQLite file in the working directory, which is appropriate for its purpose. The agent-autonomous-invocation flag is the platform default and not a unique concern here.
