Back to skill
Skillv0.1.6
ClawScan security
Rolling Suds Workiz Lead Runner · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignApr 6, 2026, 2:17 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill is an instruction-only, read-only orchestration layer for processing pasted Workiz lead data and does not request extra credentials, installs, or system access — its declared behavior and requirements are internally consistent.
- Guidance
- This skill appears coherent and low-risk: it only processes user-provided lead text and does not request credentials or install code. Before installing, consider: (1) only paste non-sensitive lead data (or scrub PII) because outputs could be shown or logged by your agent, (2) confirm the GitHub homepage/repo if you want source code provenance, and (3) if you later enable API integration, provide Workiz credentials only when you trust the skill and have reviewed any added code or install steps. If you need higher assurance, ask the publisher for an explicit implementation or code listing for review before enabling API mode.
Review Dimensions
- Purpose & Capability
- okName/description (read-only Workiz lead runner) matches the instructions: it processes pasted/exported lead+client data and prepares summaries/estimates/notes. It does not request unrelated credentials or binaries and explicitly avoids write-back, so requested capabilities are proportionate to the stated purpose.
- Instruction Scope
- okSKILL.md confines runtime behavior to reading user-provided lead data and composing outputs (summaries, estimator inputs, Workiz-ready notes). It explicitly forbids modifying Workiz and does not instruct the agent to read system files, environment variables, or send data to external endpoints. The 'future API mode' is conceptual and is appropriately gated by permissions.
- Install Mechanism
- okNo install spec and no code files — instruction-only skill. This minimizes on-disk risk; nothing is downloaded or installed by the skill itself.
- Credentials
- okThe skill declares no required environment variables, credentials, or config paths. That aligns with its current read-only, manual-input design. It notes future API readiness but does not attempt to collect or describe credential flows now.
- Persistence & Privilege
- okNo 'always: true' flag, no system persistence, and no instructions to modify other skills or agent-wide settings. Autonomous invocation is allowed (default) but not combined with any elevated privileges or secret access.