Skill v0.1.0
ClawScan security
Canva · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 11, 2026, 9:04 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, instructions, and requested access align with a Canva MCP client: it uses OAuth tokens persisted locally and a single Python dependency (mcp-skill), with no unexplained credentials or installs.
- Guidance: This skill appears coherent for interacting with Canva via MCP, but review these before installing: (1) Confirm the MCP endpoint (default is https://mcp.canva.com/mcp) matches the official service you expect. (2) Understand OAuth tokens will be stored under ~/.mcp-skill/auth/ — if you install, ensure you trust the environment and revoke tokens if needed. (3) Inspect the mcp-skill package source or install from a trusted index. (4) Avoid running as an elevated user and verify the code if you will grant broad Canva scopes. If anything about the endpoint, package source, or requested OAuth scopes looks off, do not install.
Review Dimensions
- Purpose & Capability (ok): Name/description claim Canva MCP tooling; the code implements calls to an MCP endpoint (default https://mcp.canva.com/mcp) and exposes tools that match the documented capabilities. Required binaries/env vars/config paths are minimal and consistent with an API client.
- Instruction Scope (note): SKILL.md instructs adding .agents/skills to PYTHONPATH and shows example usage; it documents OAuth-based authentication and notes tokens are persisted to ~/.mcp-skill/auth/. These are within scope for an API client but you should be aware OAuth tokens are stored on disk.
- Install Mechanism (ok): No install spec in the registry; dependencies are installed via pip (mcp-skill). This is a standard, proportionate install mechanism for a Python client. (Minor typo in SKILL.md 'uv pip install' but otherwise normal.)
- Credentials (note): The skill does not require additional environment variables or unrelated credentials. It does persist OAuth tokens to ~/.mcp-skill/auth/, which is expected for an OAuth-based client but means long-lived access tokens will be stored locally.
- Persistence & Privilege (ok): The skill is not marked always:true and uses normal autonomous invocation settings. It does persist its own OAuth tokens to a local path (its own data), but does not request system-wide privileges or modify other skills' configs.
