Skill v1.0.0
ClawScan security
Lobster Friends Protocol Real · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 13, 2026, 2:32 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's description and requested runtime tools are consistent with a P2P friend-management tool, but the package is incomplete: it references an install script and many code files that are not present, so what would actually execute cannot be verified. That mismatch raises suspicion and requires further review before installation.
- Guidance: Do not run or install this skill yet. SKILL.md describes many scripts and an install.sh, but those files are not included in the package, which prevents verification of what would actually execute. Before installing, ask the publisher for (1) the missing install.sh and all referenced scripts (lobster-friends.sh, lib/*.sh, etc.) and review their contents for network calls, downloads, and commands run with sudo; and (2) the source repository or homepage, or the upstream secure-p2p-messenger source, to verify provenance. If you must test, do so in an isolated sandbox or VM, never run unknown install scripts with sudo on a production machine, and inspect any scripts that perform network scanning, Bluetooth/WiFi operations, or external downloads. The skill otherwise appears coherent with its purpose, but the absent files make the risk unverifiable; obtaining and reviewing the actual install and runtime scripts would materially change this assessment.
Review Dimensions
- Purpose & Capability (note): The name and description (P2P encrypted social/friend management) align with the required binaries (bash, jq, openssl, sqlite3) and the declared dependency on secure-p2p-messenger. Asking to install system packages (sqlite3, jq, openssl) is reasonable for the described functionality.
- Instruction Scope (concern): SKILL.md instructs network scanning, broadcasting discovery signals, Bluetooth/WiFi-Direct usage, and running local install and management scripts (./install.sh, lobster-friends.sh). Those actions are consistent with the stated purpose but touch the network and local storage. Critically, the runtime instructions reference many scripts and files that are not included in the package, so the actual runtime behavior is unknown until those scripts are provided and inspected.
- Install Mechanism (concern): The SKILL.md metadata lists an install step that runs ./install.sh, and package.json lists install.sh under files, but the skill bundle contains neither install.sh nor any of the referenced shell scripts. This mismatch is a red flag because an install script, if present, would run arbitrary shell commands. The package.json dependency on @clawhub/secure-p2p-messenger is plausible but should be validated against the upstream source repository.
- Credentials (ok): The manifest requests no environment variables or external credentials. A debug environment variable (LOBSTER_FRIENDS_DEBUG) appears in the SKILL.md examples but is optional. There are no declared secrets or unrelated credential requests.
- Persistence & Privilege (note): The always flag is false, and the skill does not claim to modify other skills or global agent settings. However, the install instructions and scripts (if present) would likely write files (databases, config) and may require package installs; review of the missing install.sh is needed to assess privilege escalation risk (e.g., sudo usage).
