Skill v1.0.0
ClawScan security
Xss Detection And Exploitation · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 29, 2026, 12:46 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill is an instruction-only offensive security guide for XSS (detection, exploitation, and remediation) and its requested footprint (no installs, no credentials, no config access) matches its stated purpose.
- Guidance
- This skill is a dual-use offensive security playbook: technically coherent and aligned with its description, but it contains explicit exploit and exfiltration techniques. Only install and use it in environments where you have explicit, documented authorization to test. Prefer using it in an isolated lab or staging environment. If you will allow autonomous invocation, be cautious: restrict outbound network access, or monitor it, so that accidental or external data exfiltration cannot occur, and remove or replace any example attacker endpoints before running automated tests. If you lack legal authorization or the ability to safely isolate testing, do not install or use this skill.
Review Dimensions
- Purpose & Capability
- ok: Name and description match the content of SKILL.md. The skill is instruction-only and does not request unrelated binaries, credentials, or system access — which is proportionate for a testing/exploitation guide.
- Instruction Scope
- note: SKILL.md contains step-by-step offensive techniques and concrete proof-of-concept payload examples (including exfiltration patterns that reference attacker collection endpoints). This is expected for an exploitation guide, but it means the instructions teach how to exfiltrate sensitive data and could be misused if applied to unauthorized targets. The instructions do not appear to instruct reading unrelated local files or environment variables.
- Install Mechanism
- ok: No install spec and no code files are present; nothing will be written to disk. This is lowest-risk for installation mechanics and is coherent for an instruction-only skill.
- Credentials
- ok: The skill declares no environment variables, credentials, or config paths. That is appropriate given its stated purpose and matches the content of the SKILL.md.
- Persistence & Privilege
- ok: The skill is not forced-always and is user-invocable. Autonomous model invocation is allowed (platform default) but there are no additional privileges or persistent presence requested by the skill.
