Skillv1.1.0

ClawScan security

Home Reno Estimator · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

SuspiciousApr 7, 2026, 2:20 PM

Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary: The skill's description, runtime instructions, and required runtime (python3) line up with a local estimator script, but non-trivial code files are included and were not fully inspected here — that gap makes the package partially opaque and worth caution.
Guidance: This package looks coherent for a local estimator: SKILL.md will call scripts/estimate.py with user inputs. But several non-trivial Python scripts are included (estimate.py, update_prices.py, tests) and the full source for those was not available for review here. Before installing or running the skill: 1) Inspect scripts/estimate.py and update_prices.py to confirm they do not perform unexpected network calls, open remote URLs, exec arbitrary shell commands, or upload user inputs to external endpoints. 2) Run the test suite (scripts/test_estimate.py / run-tests.sh) in a sandbox to verify behavior. 3) If the project will be used with real user data, ensure no telemetry or analytics keys are present and that sensitive user data (addresses, phone numbers) are not being transmitted. 4) If you plan to let the agent invoke the skill autonomously, consider limiting that capability until you confirm the code is safe. If you want, I can review the contents of scripts/estimate.py and update_prices.py for network I/O, subprocess usage, and any obvious secrets or obfuscation — paste them here and I’ll analyze them line-by-line.

Purpose & Capability: okThe name/description (home renovation estimator) matches the declared runtime requirement (python3) and the SKILL.md instructs running scripts/estimate.py with area/level/city — these are coherent and proportionate.
Instruction Scope: noteSKILL.md's runtime instructions are narrowly scoped: collect 3 inputs and run python scripts/estimate.py. It does not instruct reading unrelated system files or credentials. However the repository contains additional scripts (update_prices.py, package.py, tests) and many business/marketing docs; SKILL.md does not instruct running update_prices.py but that script may fetch external pricing if used — the code for those scripts was not fully reviewed in the materials shown, so the agent could execute arbitrary local Python code if invoked.
Install Mechanism: okNo install spec or remote installers are declared; the skill is packaged with its scripts and only requires python3 on PATH. There are no downloads/URL-based installers in the manifest.
Credentials: okThe skill requests no environment variables, no credentials, and no config paths. That is proportionate to an offline estimator script that uses packaged price data and docs.
Persistence & Privilege: okalways:false and no special privileges or config modifications are requested. Nothing in SKILL.md asks the agent to persist credentials or modify other skills.