Skill v1.0.1

ClawScan security

Email Finder · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Feb 15, 2026, 4:08 PM
Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary
The skill mostly does what its name says (scraping, DNS lookups, and SMTP RCPT checks) and requests no credentials, but the provided code was truncated in the manifest, and there are several implementation choices (disabled TLS verification for HTTP fetches, built-in SMTP probing) and operational risks that merit caution before installing or running it.
Guidance
This skill appears to implement an email-finder tool that scrapes pages, reads DNS records, and probes mail servers via SMTP RCPT TO. Before installing or running it:
1) Review the full script: the provided file in the manifest was truncated, so there may be hidden behavior in the omitted portion.
2) Be aware that SMTP verification performs active probes against other domains' mail servers (outbound port 25) and can trigger blacklisting or be considered intrusive; use --no-verify if you only need DNS/scraping.
3) The fetch code disables HTTPS certificate validation (ssl.CERT_NONE), which is insecure; consider enabling certificate checks or running in a controlled environment.
4) Respect target sites' terms of service and robots.txt and avoid bulk runs; SKILL.md's rate-limiting guidance is helpful, so follow it.
5) Ensure you have permission for any large-scale or automated lookups, and run the tool from an environment where outbound SMTP/DNS traffic is allowed and won't affect other services.
If you want to proceed, request the full, untruncated source to audit before use.

Review Dimensions

Purpose & Capability
ok: Name and description align with the included script: website scraping, DNS inspection, pattern guessing, and SMTP RCPT verification. No unrelated credentials, binaries, or install steps are requested.
Instruction Scope
concern: SKILL.md and the script instruct the agent to fetch site pages, query search-engine-like URLs, and perform SMTP RCPT checks against mail servers. Those actions are consistent with the stated purpose but are network-scanning behaviors with privacy/abuse implications. The code also disables HTTPS certificate validation when fetching pages (ssl.CERT_NONE / check_hostname=False), which is a security risk, unusual for a scraping tool, and could mask MITM or network issues. SKILL.md encourages rate-limiting (good), but the script performs potentially sensitive external probes (SMTP) that could lead to abuse or IP blacklisting.
Install Mechanism
ok: No install spec is included; dependencies are minimal and declared (dnspython). No downloads from arbitrary URLs or archives are present in the manifest.
Credentials
ok: The skill requests no environment variables or credentials. The network access (HTTP/HTTPS, DNS, outbound SMTP on port 25) is proportional to the feature set but requires the user to ensure that egress is allowed in their environment.
Persistence & Privilege
ok: The skill is not always-enabled and does not request elevated platform privileges or modify other skills. Autonomous invocation remains possible (platform default) but is not combined with other red flags.