Skill v1.0.0

ClawScan security

Intake META Ads Analyst · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 7, 2026, 10:28 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's code, files, and instructions are consistent with its stated purpose (pulling META/Facebook/Instagram ad insights for a specific Intake Breathing ad account) and request only the expected short-lived API token and account id; there are no hidden endpoints or unrelated credential requests.
Guidance
This skill is internally consistent and appears to do what it claims: pull Meta Marketing API insights for the Intake Breathing ad account using a provided access token. Before installing or running it, consider the following:

1) Access tokens are sensitive: use short-lived tokens and revoke them after use; never paste long-lived or account-owner tokens unless you trust the skill and operator.
2) Confirm you trust the skill author/owner (GrowthSet / the listed account manager) and that the included ad account id (act_2335535636459862) is intended.
3) The script writes CSV/JSON to /home/user/workspace/ by default; ensure that path is appropriate and does not expose sensitive data.
4) If you require stronger assurance, review the included Python script yourself (it is readable and uses only graph.facebook.com and standard libs) or run it in an isolated environment.
5) If you want the agent to not store or reuse the token, confirm with the skill owner how tokens are handled; the instructions ask for fresh, short-lived tokens, which is preferable.

Review Dimensions

Purpose & Capability
ok
The skill name/description match the bundled artifacts: SKILL.md, account context, diagnostics, and a Python script that calls the Meta Marketing API. The ad account id and developer app referenced are consistent with the client context and the script's functionality. There are no unrelated environment variables, binaries, or external services requested.
Instruction Scope
ok
Runtime instructions stay within the expected scope: read account context, request an access token (ads_read) and account id, run the included Python exporter, and save CSV/JSON exports. The instructions explicitly request short-lived Graph API Explorer tokens and tell the operator to ask Max for a fresh token at session start. There are no instructions to read unrelated system files or to exfiltrate data to endpoints other than the Meta Graph API and local outputs.
Install Mechanism
ok
No install spec is provided (instruction-only plus an included script). The only runtime dependency is the public 'requests' Python package (pip install requests), which is proportional to the task. There are no downloads from untrusted URLs or archive extraction steps.
Credentials
ok
The skill requires no environment variables or stored credentials. It requires an access token and account id supplied interactively (short-lived Graph API tokens), which is appropriate for calling the Marketing API. No unrelated secrets or system configs are requested. Note: access tokens are sensitive and must be handled carefully.
Persistence & Privilege
ok
The skill is not force-included (always: false) and does not request persistent system privileges or attempt to modify other skills. It writes output files to a workspace path as instructed, which is normal for an export tool. The skill allows agent invocation (disable-model-invocation: false), which is the platform default and acceptable here.