Skill v1.0.0

ClawScan security

cg-test-skill · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 15, 2026, 8:27 AM
Verdict
Benign
Confidence
medium
Model
gpt-5-mini
Summary
The skill is an instruction-only pnpm guidance doc that is internally consistent with its stated purpose, but it omits declaring the pnpm binary requirement and explicitly tells agents to inspect .npmrc (which can contain registry credentials).
Guidance
This skill is an instruction-only pnpm reference and appears to do what it says. Before installing/using it: ensure the agent environment actually has the pnpm binary available (the skill assumes you can run pnpm but doesn't declare that requirement); be aware the skill advises agents to read pnpm-workspace.yaml and .npmrc — .npmrc files can contain registry authentication tokens or other secrets, so avoid exposing projects with sensitive .npmrc contents to an agent unless you trust it and/or have scrubbed credentials. Because the skill is instruction-only, it will not install pnpm for you; if you need automated installation, prefer a skill that explicitly documents an install step and the sources it will download from.

Review Dimensions

Purpose & Capability
note: The name/description clearly target pnpm usage, workspaces, and dependency management, and the SKILL.md content stays on that topic. Minor inconsistency: the skill expects the agent to run pnpm commands (advice about --frozen-lockfile, workspace files, CLI commands), yet the registry metadata lists no required binary. A declared requirement for the pnpm binary would be expected.
Instruction Scope
note: Runtime instructions are scoped to pnpm usage: checking pnpm-workspace.yaml, .npmrc, using CLI flags, and best practices. This is appropriate for the skill. However, the guidance explicitly tells agents to check .npmrc files; those files can contain registry auth tokens or credentials. While checking them is relevant to pnpm behavior, it carries a privacy risk if an agent transmits their contents externally; the skill does not instruct any external transmission, but the instruction to read .npmrc is notable.
Install Mechanism
ok: No install spec (instruction-only). This is low-risk: nothing is downloaded or written to disk by the skill package itself.
Credentials
ok: The skill declares no required environment variables or credentials, which is proportionate to an instruction-only pnpm helper. There are no unrelated secrets requested.
Persistence & Privilege
ok: The skill is not forced always-on and has no install-time persistence. Autonomous invocation is allowed by platform default (not a concern by itself).