Skill v0.2.3
ClawScan security
GERMANIC · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 1, 2026, 9:36 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's requests and instructions are coherent with its stated purpose (a CLI that validates and compiles JSON to .grm) and it does not ask for unrelated credentials or system-wide privileges.
- Guidance
- This skill appears to be what it says: a local CLI for schema validation and compiling JSON to .grm. Before installing, do these simple checks: (1) Inspect the Homebrew tap/formula (germanicdev/germanic) on GitHub to confirm the source and review the build/install steps. (2) Install it in a controlled environment (container or sandbox) the first time to observe its behavior and confirm that the installed binary is the version the formula pins. (3) Be cautious with germanic serve-mcp: that mode may expose an IPC or network surface to other clients, so enable it only if you trust the integration and have inspected what it listens on. (4) If you rely on the security-audit claims, ask for the audit report or verify the binary reproducibly; otherwise treat the offline/telemetry claims as assertions you may want to validate.
Review Dimensions
- Purpose & Capability
- ok · Name/description, required binary (germanic), and the provided workflows (compile, validate, inspect, init) align. The Homebrew install of a germanic formula is proportionate to a CLI tool. No environment variables or unrelated binaries are requested.
- Instruction Scope
- note · SKILL.md instructs the agent to run filesystem-scoped commands (find, germanic compile/validate/inspect/init), which are appropriate for a compiler/validator. One point to note: SKILL.md also documents a 'germanic serve-mcp' mode for integration; running that command may expose an API/IPC surface to other clients (MCP) and increases the attack surface compared with purely offline, single-run CLI usage. SKILL.md otherwise does not instruct the agent to read unrelated config, secrets, or network endpoints.
- Install Mechanism
- note · Install is via a Homebrew formula (germanicdev/germanic/germanic). Homebrew installs are low-risk compared to arbitrary downloads, but this is a third-party tap (germanicdev) rather than an official core formula; users should review the tap/formula source before trusting it.
- Credentials
- ok · The skill requests no environment variables, no credentials, and no config paths. That is proportionate to a local CLI that validates/compiles JSON.
- Persistence & Privilege
- ok · The always flag is false and there are no instructions to modify other skills or global agent configuration. The skill can be invoked autonomously by the model (the default), which is normal for skills and not a special privilege here.
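The checks that the Guidance, Instruction Scope and Install Mechanism notes above ask for, as an added example that is not part of ClawHub's scanner output or the germanic project's own code: a POSIX shell script that audits a Homebrew formula's source URL and sha256 pin, flags build-time network fetches, verifies a downloaded artifact against the pin, and lists what a running serve-mcp process has open. The tap name germanicdev/germanic/germanic is taken from the scan; the formula text embedded in the script is constructed for this example, so its URL and digest are placeholders rather than the real formula's values, and the listening-surface helper assumes lsof is installed.

```shell
#!/bin/sh
# Added example, not ClawHub's scanner code or the germanic project's code.
# Pre-install checks for a third-party Homebrew tap: confirm the formula's
# source URL and sha256 pin, flag build-time network fetches, verify a
# downloaded artifact against the pinned digest, and list what a running
# process exposes. Assumed from the scan: the formula is
# germanicdev/germanic/germanic. The formula written by write_sample_formula
# is CONSTRUCTED; its URL and digest are placeholders, not the real values.

# formula_field FILE FIELD -> first value of a `field "..."` line (url, sha256, homepage)
formula_field() {
  sed -n "s/^[[:space:]]*$2[[:space:]]*\"\([^\"]*\)\".*/\1/p" "$1" | head -n 1
}

# digest_file FILE -> hex sha256 (sha256sum on Linux, shasum on macOS)
digest_file() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | cut -d' ' -f1
  else
    shasum -a 256 "$1" | cut -d' ' -f1
  fi
}

# audit_formula FILE EXPECTED_URL_PREFIX
# Prints findings; returns 0 only when the formula pins an https source under
# the expected origin with a sha256 and fetches nothing during install.
audit_formula() {
  f=$1; prefix=$2; rc=0
  url=$(formula_field "$f" url)
  sha=$(formula_field "$f" sha256)
  case "$url" in
    https://*) ;;
    *) echo "FINDING: source url is not https: $url"; rc=1 ;;
  esac
  case "$url" in
    "$prefix"*) ;;
    *) echo "FINDING: source url is not under $prefix: $url"; rc=1 ;;
  esac
  if ! printf '%s' "$sha" | grep -Eq '^[0-9a-f]{64}$'; then
    echo "FINDING: source is not pinned by a 64-hex sha256"; rc=1
  fi
  # anything downloaded at build time bypasses the sha256 pin checked above
  if grep -Eq 'curl|wget|git clone|"git", "clone"' "$f"; then
    echo "FINDING: formula fetches from the network during install"; rc=1
  fi
  if grep -q 'post_install' "$f"; then
    echo "NOTE: formula has a post_install hook; read it before installing"
  fi
  return $rc
}

# verify_artifact FORMULA FILE -> 0 iff FILE's sha256 equals the formula's pin
verify_artifact() {
  expected=$(formula_field "$1" sha256)
  actual=$(digest_file "$2")
  [ -n "$expected" ] && [ "$expected" = "$actual" ]
}

# listening_surface PID -> TCP listeners and Unix sockets held by PID.
# Start `germanic serve-mcp &` and pass $! to see what the MCP mode exposes;
# the scan does not say whether it uses TCP or a socket, so both are listed.
listening_surface() {
  command -v lsof >/dev/null 2>&1 || { echo "lsof not available" >&2; return 2; }
  lsof -nP -a -p "$1" -iTCP -sTCP:LISTEN
  lsof -nP -a -p "$1" -U
}

# write_sample_formula FILE: constructed stand-in for the real formula text
write_sample_formula() {
  cat > "$1" <<'EOF'
class Germanic < Formula
  desc "Validates and compiles JSON to .grm"
  homepage "https://github.com/germanicdev/germanic"
  url "https://github.com/germanicdev/germanic/releases/download/v0.2.3/germanic-0.2.3.tar.gz"
  sha256 "0000000000000000000000000000000000000000000000000000000000000000"

  def install
    bin.install "germanic"
  end
end
EOF
}

# Offline demo on the constructed formula.
demo_dir=$(mktemp -d)
write_sample_formula "$demo_dir/germanic.rb"
audit_formula "$demo_dir/germanic.rb" "https://github.com/germanicdev/" \
  && echo "formula audit: no findings"
```

Against the real tap, replace the sample with the output of brew cat germanicdev/germanic/germanic, download the pinned source with brew fetch --formula germanicdev/germanic/germanic, and pass the cached file (printed by brew --cache germanicdev/germanic/germanic) to verify_artifact. audit_formula only reads the formula text, so the tap can be inspected before anything is built, which is the point of check (1) above; listening_surface covers check (3) once serve-mcp is running inside the sandbox.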
