Skill v0.1.0
ClawScan security
Webperf Resources · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 11, 2026, 2:48 PM
- Verdict: suspicious
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's documentation promises a full network-quality measurement and JSON outputs, but the included script is a tiny stub that doesn't produce the claimed metrics or follow the declared return schema; the pieces don't add up.
- Guidance: This skill's README promises a full network-quality analyzer, but the shipped script is a placeholder that does not return the structured JSON the agent expects. Installing as-is is unlikely to give the results described and may cause the agent to behave unpredictably when it expects metrics (it may get undefined or nothing). Before installing or running: (1) request the real implementation or a version that returns the documented JSON schema; (2) inspect or run the script in Chrome DevTools to confirm it returns the expected object (effectiveType, downlink, rtt, saveData); (3) verify the repository/source (there is no homepage listed) and prefer a published release on a known host; and (4) if you need cross-skill triggers, confirm the other skills exist and implement the referenced snippets. If the author provides an updated script that matches the schema, re-evaluate; the current state is inconsistent but not evidently malicious.
Review Dimensions
- Purpose & Capability (concern): The SKILL.md describes a full-featured network quality analyzer (effectiveType, RTT, downlink, save-data, decision trees, cross-skill triggers). The package contains no required env, no install, and only one 459-byte JS file that is effectively a stub. The claimed capabilities are far larger than what the shipped artifacts implement.
- Instruction Scope (concern): SKILL.md instructs agents to run Network-Bandwidth-Connection-Quality.js and expects structured JSON per the repository schema. The actual script only reads navigator.connection (if present), registers an empty 'change' listener, and returns only in the 'unsupported' path; it does not compute or return effectiveType, RTT, downlink, save-data, or any structured result. This is scope creep / mismatch between instructions and actual runtime behavior.
- Install Mechanism (ok): No install spec (instruction-only) and no downloads. Nothing will be written to disk beyond the skill's files. This is low-install risk.
- Credentials (ok): The skill requests no environment variables, no credentials, and no config paths. That is proportionate (and conservative) for a frontend DevTools snippet.
- Persistence & Privilege (ok): Skill uses default invocation settings (not always:true). It does not request persistent privileges or modify other skills. Autonomous invocation is allowed by platform default but is not combined with other concerning privileges here.
