Skillv1.2.5

ClawScan security

Photo Captions · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

BenignMar 20, 2026, 8:15 PM

Verdict: Benign
Confidence: high
Model: gpt-5-mini
Summary: This instruction-only skill is internally consistent with its stated purpose (generating platform-specific photo captions) and does not request credentials, installs, or suspicious permissions.
Guidance: This skill appears coherent and low-risk from a security/privilege perspective because it’s instruction-only and asks for no credentials or installs. Before enabling: (1) remember that captions will include any location or gear info you supply — don’t share photos with sensitive EXIF/location data if you don’t want that published; consider stripping EXIF before sharing. (2) The SKILL.md contains platform-specific rules (hashtag counts, character limits) that may be inaccurate or out of date — review outputs for correctness before posting. (3) The skill has no homepage or verifiable author linked in the package metadata; if provenance matters to you, prefer skills with clear sources. If those caveats are acceptable, the skill's behavior matches its description.

Purpose & Capability: okThe skill's name and description match the SKILL.md instructions: it generates captions tailored to many social platforms and the instructions only describe how to format outputs per platform. It does not request unrelated credentials, binaries, or config paths.
Instruction Scope: noteThe runtime instructions stay within caption-generation scope and do not instruct the agent to read system files, environment variables, or send data to external endpoints. Two items to note: (1) the SKILL.md instructs including location/gear when provided — that can expose sensitive info if the user shares EXIF or location data; (2) there is at least one factual inaccuracy in the guidance (e.g., claiming 'Exactly 5 tags (Instagram's current limit)' which is incorrect relative to Instagram's actual hashtag limits). These are functional/accuracy issues rather than signs of malicious behavior.
Install Mechanism: okNo install spec and no code files — the skill is instruction-only, so nothing is written to disk or downloaded at install time.
Credentials: okThe skill requires no environment variables, credentials, or config paths. There is no disproportionate access requested for the stated purpose.
Persistence & Privilege: okalways:false (default) and normal agent invocation permissions. The skill does not request persistent system-wide changes or elevated privileges.