Skill v1.0.0

ClawScan security

Content Writer - MCB AI · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 5, 2026, 8:27 AM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
This is an instruction-only social media content generator whose files and runtime instructions are internally consistent and do not request credentials, installs, or external endpoints.
Guidance
This skill is instruction-only and does not ask for credentials or install external code, so its immediate technical risk is low. Before installing, consider:
(1) Review the reference files (brand-context and formatting rules) to ensure you accept the required brand mentions and strict no-URL/no-asterisk output rules.
(2) Avoid pasting sensitive private documents as 'source material'; the skill will use any provided text to generate posts.
(3) The skill requires numeric data for many outputs. If you supply vague sources it may fabricate specific numbers, so verify all data-backed claims before publishing.
(4) The README shows an npx install example, but the registry has no install spec here. Confirm the installation method you plan to use comes from a trusted source.
(5) Note the small internal inconsistency about default language (English vs Vietnamese) and the mention of a separate content-research skill. This affects usability but not security.

Review Dimensions

Purpose & Capability
note: The skill's name and description (generate platform-optimized social posts from source material) match the provided instructions and reference files. Minor inconsistencies: SKILL.md's Step 1 lists default language as Vietnamese while references/brand-context.md states default English unless Vietnamese is requested. The SKILL.md also says it 'works best after using the content-research skill' even though no such dependency is declared in the registry metadata; this is a usability note, not a security mismatch.
Instruction Scope
ok: All runtime instructions are about composing posts from user-provided source material and internal reference files. The skill asks the agent to read local reference files (packaged with the skill) and to request source material from the user. It does not instruct the agent to read system files, environment variables, or contact external endpoints. It enforces strict output formatting (no URLs, no asterisks) and requests data-backed claims, which is functional but could lead to hallucinated numeric claims if the user-provided source lacks numbers.
Install Mechanism
ok: There is no install spec in the registry entry and no code files that would be executed; the package is instruction-only. The README contains an example 'npx clawhub@latest install content-writer-mcbai' but that is documentation only; the registry shows no automatic installer or download-from-URL behavior to review.
Credentials
ok: The skill requires no environment variables, no credentials, and no special config paths. All required inputs are user-provided content and format/tone/platform options, which are proportionate to the stated purpose.
Persistence & Privilege
ok: The skill is not marked 'always' and does not request any elevated persistence or cross-skill configuration changes. Autonomous invocation is allowed by default (platform behavior) but is not combined with other red flags here.