Skill v0.1.3

ClawScan security

Our world in data · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign, Feb 17, 2026, 1:10 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's instructions and requirements align with its stated purpose (fetching and summarizing OWID charts via the owid-catalog Python module); it is an instruction-only skill with no hidden credential requests or unrelated behavior.
Guidance
This skill is coherent but you should: (1) install the owid-catalog package in a controlled environment (use a virtualenv or sandbox), because SKILL.md asks you to pip-install a pre-release version (1.0.0rc2) from PyPI; (2) review the package on PyPI/GitHub to confirm authorship and readme/changelog before trusting it; (3) ensure the runtime has pip/network access and that installing third-party packages is acceptable in your environment; (4) be aware the skill will query OWID's public API (subject to rate limits) and will return translated summaries if requested — verify translations for fidelity; and (5) if you require higher assurance, ask for a stable release (non-rc) or a pinned commit/OSS source link before installing.

Review Dimensions

Purpose & Capability
ok: The name/description match the SKILL.md: it documents use of the owid-catalog Python module to search, fetch, and summarize Our World in Data charts. No unrelated environment variables, binaries, or config paths are requested, and the actions described (search, fetch, summarize, include URL) are proportional to the stated purpose.
Instruction Scope
ok: SKILL.md contains concrete Python usage (client.charts.search, fetch, produce structured JSON) and error handling. It does not instruct the agent to read arbitrary files, access unrelated credentials, or exfiltrate data to unexpected endpoints. It does require searching in English and post-processing translations, and mandates disclosure of OWID as the source.
Install Mechanism
note: There is no formal install spec in the registry, but the SKILL.md recommends running `pip install owid-catalog==1.0.0rc2`. This is a PyPI pre-release version (rc), which is moderate risk compared with stable releases: it requires network access and will write packages to disk. The skill does not declare that pip is required in metadata, so the environment may need pip/virtualenv to be present or an operator should install the package in a controlled environment.
Credentials
ok: The skill requests no environment variables, credentials, or config paths. That is proportionate — fetching public OWID data does not require secrets.
Persistence & Privilege
ok: The skill is not marked always:true and does not request persistent elevated privileges or to modify other skills or system-wide agent settings. Normal autonomous invocation (disable-model-invocation:false) is the platform default and not a red flag here.