Skill v1.2.0
ClawScan security
Power Automate Build · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 29, 2026, 11:03 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's requests and instructions line up with its stated purpose (deploying Power Automate flows via the FlowStudio MCP server); it requires a single service token and contains only documentation and deployment guidance, but using it will transmit flow definitions and connection identifiers to the external MCP service so you must trust that service.
- Guidance: This skill is coherent for deploying Power Automate flows via FlowStudio MCP, but installing it gives the FlowStudio service a JWT that will be used to upload flow definitions and metadata. Before using the skill: (1) confirm you trust https://mcp.flowstudio.app and review its privacy/security docs; (2) avoid embedding secrets (passwords, service credentials) directly into flow JSON; use connector-managed connections or secure inputs/outputs; (3) issue the FLOWSTUDIO_MCP_TOKEN with minimal scope and an expiration if possible and be prepared to revoke it; (4) test in a non-production environment first and review any flow JSON the skill proposes before deployment. If you cannot trust the external MCP service with your flow contents or connection identifiers, do not provide the token.
Review Dimensions
- Purpose & Capability (ok): Name and description match the declared requirement (FLOWSTUDIO_MCP_TOKEN) and the SKILL.md explains how to build and deploy flow JSON to the FlowStudio MCP server. Required files are flow templates, patterns, and documentation appropriate for a flow-building/deployment skill.
- Instruction Scope (note): Runtime instructions show the agent constructing flow JSON and calling the MCP endpoint (https://mcp.flowstudio.app/mcp) with the provided JWT. This is expected for a deployer, but it means flow definitions, connection reference keys and potentially connector GUIDs or other deployment metadata will be sent to the external MCP service. The instructions do not attempt to read unrelated local files or other environment variables.
- Install Mechanism (ok): Instruction-only skill with no install spec and no code files to execute on the user's machine. Lowest-risk install posture (nothing is downloaded or written by the skill itself).
- Credentials (note): Only a single required env var (FLOWSTUDIO_MCP_TOKEN) is declared and it is the primary credential the skill uses to communicate with the FlowStudio MCP server; this is proportionate to the stated purpose. However, that token grants the external service the ability to act via MCP, so it should be treated as sensitive and issued with least privilege and an expiration where possible.
- Persistence & Privilege (ok): always:false and user-invocable:true (defaults). The skill does not request permanent system presence or modify other skills; it does not require elevated agent privileges.
