v0.3.3

Samvida

ReviewClawScan verdict for this skill. Analyzed May 1, 2026, 6:12 AM.

Analysis

Samvida mostly matches its stated purpose, but it asks the agent to run shell commands with unquoted user-provided URLs and can optionally make persistent live-site changes using powerful deployment tokens.

Guidance: Review this skill before installing. It appears purpose-aligned, not malicious, but URL inputs should be handled safely before running its shell commands. Only deploy after reviewing the generated llms.txt, and use limited, temporary Cloudflare or Webflow tokens for the exact domain you want to update.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: High. Confidence: Medium. Status: Concern.
SKILL.md
Run the crawler: ... crawl.py \
  {url} > /tmp/llms_business_info.json ... crawl.py \
  {url} {extra_url1} {extra_url2} > /tmp/llms_business_info.json

The URL and extra URLs come from the user, but the workflow places them directly into a shell command without quoting or strict validation.

User impact: A malicious or malformed URL containing shell metacharacters could cause the agent to run unintended local commands under the user's account.
Recommendation: Quote all user-supplied arguments, validate URLs strictly, reject shell metacharacters, or invoke the Python script through a structured argv/tool API instead of a shell string.

Agentic Supply Chain Vulnerabilities
Severity: Low. Confidence: High. Status: Note.
package.json
Create venv with: python3 -m venv ~/.virtualenvs/samvida && ~/.virtualenvs/samvida/bin/pip install httpx

The package expects local Python setup and package installation even though the registry install spec says there is no install mechanism; the dependency setup is not pinned.

User impact: The skill may not run until local dependencies are installed, and unpinned packages leave more room for dependency drift.
Recommendation: Declare the Python runtime and dependencies in the install metadata, pin versions, and keep setup steps consistent with the scripts' actual imports.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium. Confidence: High. Status: Note.
references/cloudflare_api.md
give it permission to: `Workers Scripts: Edit`, `Workers Routes: Edit` ... Creates or updates a 301 redirect ... Publishes the site

The optional deploy path requires provider credentials that can modify live Cloudflare Workers/routes or Webflow redirects and publishing state.

User impact: If used, the skill can make persistent changes to a real website's hosting configuration.
Recommendation: Deploy only after reviewing the generated llms.txt, use least-privilege/revokable tokens, and verify the route or redirect points only to /llms.txt.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
Severity: Low. Confidence: High. Status: Note.
_meta.json
Crawled pages may contain publicly available contact details (emails, names). These are included in the llms.txt output and sent to your configured OpenClaw LLM provider for generation.

The skill intentionally reuses crawled website content and contact details as LLM context and as material for a public llms.txt file.

User impact: Public page data and any user-supplied additions may be processed by the configured LLM provider and included in the final public file.
Recommendation: Do not provide private contact, pricing, or customer information unless you intend it to be public; review the final file carefully before deployment.