Skill v1.0.0

ClawScan security

Market Research · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Mar 18, 2026, 5:00 AM
Verdict: suspicious
Confidence: medium
Model: gpt-5-mini

Summary
The skill's purpose (market research) matches its instructions, but the runtime instructions expect local Node scripts and web-scraping behavior that are not declared or packaged with the skill. Verify those tools and their network/file behavior before installing.

Guidance
This skill's instructions are broadly consistent with market research, but it expects to run local Node helper scripts (tools/clis/exa.js and tools/clis/firecrawl.js) and to scrape external report pages. Before installing or enabling the skill:
1) Confirm the agent environment actually has Node and those helper scripts, or ask the publisher to include an install spec or bundled tools.
2) If those scripts exist, review their source to see what they do (network endpoints they call, whether they exfiltrate data, what files they read).
3) Decide whether it's acceptable for the agent to read the optional .agents/product-marketing-context.md file from its workspace.
If you cannot confirm the provenance and behavior of the helper scripts, treat this skill as higher risk and avoid enabling it until the missing dependencies/install steps are clarified.

Review Dimensions

Purpose & Capability
[note] The skill claims to perform market research and instructs the agent to perform web searches and occasional scraping, which is coherent with the stated purpose. However, the SKILL.md explicitly invokes Node-based helper scripts (node tools/clis/exa.js and node tools/clis/firecrawl.js) and references local tool paths that are not included in the skill bundle and are not listed in required binaries or install steps.

Instruction Scope
[note] Instructions mainly stay within the market-research scope (ask clarifying questions, search, optionally scrape specific reports, synthesize results). They do instruct reading a local context file (.agents/product-marketing-context.md or .claude/...), which is reasonable. They also permit scraping of external report URLs, which is acceptable for this purpose but worth auditing, since scraping can download and process arbitrary external pages and might capture sensitive content.

Install Mechanism
[concern] There is no install spec and no code files bundled. Yet the runtime commands rely on local Node scripts under tools/clis/*. Because those helper scripts are not provided and no installation instructions are present, the skill assumes an environment configuration that may not exist. This mismatch is an incoherence: either the skill should declare required binaries (node) and these tools, or include/install them.

Credentials
[ok] The skill requests no environment variables, no credentials, and no config paths beyond reading an optional local product-marketing-context file. There are no apparent secret-exfiltration requests in the SKILL.md itself.

Persistence & Privilege
[ok] always is false and there's no install that writes persistent components. disable-model-invocation is false (normal). The skill does not request elevated or persistent privileges or modify other skills' config.