Skill v1.0.0

ClawScan security

Social Selling Touch Planner · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 17, 2026, 7:54 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill is instruction-only and its requested actions (reading a prospect list, building cadences and templates, optionally fetching public profiles) match its stated purpose — nothing requested is disproportionate or unexplained.
Guidance
This skill appears coherent with its stated purpose. Before installing: (1) confirm the working directory contains only the prospect/account files you intend the agent to read (remove unrelated sensitive files), (2) do not provide platform login credentials — the skill doesn't request them; if you want it to post or act on your behalf, plan how to supply credentials securely outside the skill, (3) review any generated messages/templates before sending or posting, and (4) if you are concerned about autonomous actions, consider restricting autonomous invocation or monitoring the agent's actions when first using the skill.
Findings
[no-findings] expected: The static scanner found nothing to analyze because this is an instruction-only skill with no code files. That absence is expected and not evidence of risk.

Review Dimensions

Purpose & Capability
ok: Name/description align with the instructions: the skill builds social-selling cadences, templates, and schedules from a prospect list and user channel info. It does not request unrelated secrets, binaries, or installs.
Instruction Scope
ok: SKILL.md tells the agent to read prospect/account files from the working directory, ask the user for missing inputs, build tables/cadences/templates, and write outputs. It may optionally fetch public profile pages (WebFetch), which is consistent with building social touch plans. The instructions do not ask the agent to access unrelated system files or credentials.
Install Mechanism
ok: No install spec and no code files — instruction-only. This is the lowest-risk pattern and is proportional to the skill's purpose.
Credentials
note: The skill declares no env vars or credentials, which is appropriate. It does require read/write access to the agent's working/document directory (to find prospect-list.csv, etc.). This is expected but means the agent will have access to any files present there, so users should ensure the working directory only contains intended input files.
Persistence & Privilege
ok: "always" is false and model invocation is allowed (default). The skill does not request permanent presence or escalate privileges; its scope is limited to reading/writing documents and optional web fetches.