Skill v1.3.1

ClawScan security

Agent Workforce Orchestration: Hybrid Human+AI Teams · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 15, 2026, 7:13 AM
Verdict
Benign
Confidence
medium
Model
gpt-5-mini
Summary
This is an instruction-only guide for building a workforce orchestrator that only requests a GreenHelix API key; its declared requirements and scope are consistent with the described purpose, though a few minor clarifications would increase confidence.
Guidance
This skill is an educational guide that appears internally consistent: it only asks for a GreenHelix API key and otherwise contains example code. Before using it, do the following: (1) inspect the full SKILL.md examples to see whether any snippets read other environment variables, files, or call external endpoints beyond GreenHelix; (2) confirm the difference between sandbox (no key) and production usage — only provide GREENHELIX_API_KEY to environments you trust; (3) if you plan to run the example code, review payment/escrow and payroll-related code carefully for safety and compliance (avoid running payment or payroll code in production without review); and (4) verify what GreenHelix is allowed to do with that API key (scope, read/write, payment authority) and rotate/revoke keys if you stop using the skill.

Review Dimensions

Purpose & Capability
ok
The skill is a guide for building a workforce orchestrator using the GreenHelix gateway and declares GREENHELIX_API_KEY as its sole required credential. No unrelated binaries, host-level config paths, or unrelated credentials are requested, which aligns with the stated purpose of integrating with a single gateway service.
Instruction Scope
note
SKILL.md is instruction-only and reportedly contains working Python examples for payment/escrow, discovery, reputation, and compliance. The frontmatter and body indicate the examples target the GreenHelix sandbox (which the doc says requires no API key for initial exploration) while the skill still lists GREENHELIX_API_KEY as the primary credential (reasonable for production use). I did not see instructions that ask the agent to read unrelated system files or other environment variables in the provided excerpt, but the file is long and truncated — review full examples before executing them.
Install Mechanism
ok
No install spec and no code files — lowest-risk instruction-only skill. Nothing is written to disk by an installer.
Credentials
note
Only GREENHELIX_API_KEY is requested, which is proportionate for a guide that integrates with a single gateway. However, a production orchestrator often needs additional credentials (payment rails, payroll, external marketplaces); the skill does not request those, which is plausible if GreenHelix acts as an aggregator, but you should verify whether the examples assume other credentials at runtime.
Persistence & Privilege
ok
always: false and no install actions — the skill does not request persistent, elevated presence. Model invocation is allowed (default), which is normal for skills and is not, by itself, a problem.