Back to skill
Skillv0.1.0
ClawScan security
Skill Scout · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 1, 2026, 10:17 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- Skill Scout's requests and instructions are coherent with its stated purpose as a ClawHub discovery/installation helper — it is instruction-only, requires npx (used in examples), and does not ask for unrelated credentials or high privileges.
- Guidance
- This skill is coherent for discovering and installing community skills, but remember: it mainly drives the clawhub CLI which will fetch and install third-party skills. Before installing any recommended skill, inspect its SKILL.md and supporting files, check the ClawHub VirusTotal / scanner reports, and avoid running installs as an elevated user. If you do not want the agent to run installs autonomously, disable autonomous invocation for this skill or only use it interactively. Finally, only install skills from sources you trust, since community skills can request credentials or perform network actions when installed.
Review Dimensions
- Purpose & Capability
- okName and description match the runtime instructions: the SKILL.md describes searching, inspecting, and installing skills from ClawHub and references the npx-based CLI. The required binary (npx) aligns with the provided install examples. No unrelated credentials, binaries, or config paths are requested.
- Instruction Scope
- okThe guidance confines itself to running clawhub CLI commands, web lookups on clawhub.ai, and reviewing SKILL.md files before install. It does not instruct the agent to read unrelated system files or exfiltrate data. It does reference local skill storage paths (./skills, ~/.openclaw/skills/) which is appropriate for an installer helper.
- Install Mechanism
- okThis is an instruction-only skill with no install spec or code files — nothing is written to disk by the skill itself. The SKILL.md suggests using npx or the clawhub CLI to install other skills; that behavior is expected for this purpose.
- Credentials
- okNo environment variables, credentials, or config paths are required by the skill itself. The SKILL.md warns users to review required env vars for individual skills (reasonable). There are no disproportionate secret requests.
- Persistence & Privilege
- okThe skill does not request always: true and does not modify other skills or global agent configs. It can be invoked by the model (default), which is normal for skills of this type; there is no elevated persistence requested.