Skill v0.1.0
ClawScan security
Local Web Search · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 22, 2026, 11:50 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code and runtime instructions match its description: it scrapes DuckDuckGo HTML, returns JSON with trust scoring, requests no credentials, and has no install steps or surprising requirements.
- Guidance: This skill appears to do what it says: run the included Python script to scrape DuckDuckGo and return JSON results with a basic trust score. Before installing, consider: (1) Any query you run will be sent to DuckDuckGo — do not send secrets or highly sensitive data. (2) Scraping is brittle and may break if the search HTML changes; you may need to update the parser. (3) Repeated automated queries can trigger rate limits or violate a site's terms of service — use responsibly and add throttling or caching if you run many queries. (4) Prefer official APIs when accuracy, stability, or privacy of queries is important. If you’re comfortable with these caveats, the skill is internally coherent and does not request disproportionate access.
Review Dimensions
- Purpose & Capability (ok): Name/description align with the included Python script and SKILL.md. The script performs DuckDuckGo HTML scraping, applies a simple trust-scoring heuristic, implements retry/backoff, and outputs the documented JSON fields. There are no unrelated environment variables, binaries, or config paths requested.
- Instruction Scope (note): SKILL.md instructs running the included script and accurately documents output and behavior. The script only issues outbound HTTPS GET requests to DuckDuckGo HTML and does not read local environment variables or files. Notes of caution: queries are transmitted to a third party (DuckDuckGo) so sensitive queries would be exposed; scraping may break if DuckDuckGo changes HTML or could trigger rate-limiting or TOS concerns. The script uses regex-based HTML parsing (brittle) rather than a robust parser.
- Install Mechanism (ok): No install spec is present; the skill is instruction-only with an included script. Nothing is downloaded or written at install time and there are no external installers or archives. Risk from install mechanism is minimal.
- Credentials (ok): No environment variables, credentials, or config paths are requested. The script does not read or require secrets. The absence of credentials is proportionate to the skill's purpose.
- Persistence & Privilege (ok): The skill does not request always:true and does not modify other skills or system-wide settings. It can be invoked autonomously by the agent (default behavior) but it does not require elevated or persistent privileges.
